[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

RE: [school-discuss] article

And yet when you go to that site in IE6 you get McAfee's warning that it's
trying to load the Exploit-URLSpoof trojan onto your drive.  I'm not an M$
defender, but they have had a patch for the past couple of weeks now and
when I'm at work I don't expect the tools I'm expected to work with to be
compromised by websites trying to make a point by proliferating the very
weakness they decry M$ for allowing!

William P. Worden

 -----Original Message-----
From: 	owner-schoolforge-discuss@schoolforge.net
[mailto:owner-schoolforge-discuss@schoolforge.net]  On Behalf Of Malc
Sent:	Wednesday, February 18, 2004 9:47 AM
To:	schoolforge-discuss@schoolforge.net
Subject:	Re: [school-discuss] article


(quote from page...)
Why You Need To Dump Internet Explorer Right Freaking Now
This Just In: Opensoft has developed a patch for the Internet Explorer
URL spoofing bug. Naturally it's open-source, and the source code is
available as well. They have a pair of fake Web pages, one for PayPal
and the other for Windows Update. Bravo, Opensoft!

Hi, kids. This morning a fresh Internet Explorer bug was reported by
the vigilant folks at Secunia. It's a very simple exploit that allows
anyone to hijack your browser and show you whatever page they want you
to see as if it came from the domain in question. I've prepared one
disturbing example right here:

Fake PayPal Login Screen

Things to Do and Notice:

Mouse over the link ... if you're using Internet Explorer, your status
bar should say http://www.paypal.com.
If you click it, you'll see something that looks just like the PayPal
login screen ... and if you're using IE6, your URL blank should say
If you click any button except Log In, the appropriate PayPal window
will come up, straight from the PayPal site.
But if you click the Log In link or button ... surprise!
Sure, Microsoft will fix this. Eventually. And you'll need to download
and apply a multi-megabyte patch for Windows, assuming of course that
your Internet connection is up to the task.

There's an alternative to all this foolishness. Please consider
switching to a Mozilla-powered Web browser as soon as possible.

For more information, please visit The Rumor Mill.


Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.