Caution! A very serious flaw in Internet Explorer was revealed

A very serious security flaw in all versions of Internet Explorer allows attackers to steal user credentials or to conduct phishing attacks through any website.Internet Explorer

Vulnerability, affecting even its fully updated versions Internet Explorer 11 running on Windows 7 and 8,1, was revealed by security researcher David Leo of security firm Deusen. The researcher has publish the technique in detail which allows a hacker to bypass Internet Explorer's Same-Origin Policy (a fundamental component of Internet applications) which allows cross-site forgeries and scripts with malicious content on web pages.

Vulnerability is a cross-site scripting (XSS). In other words, an attacker is able to run content scripts and inject code on a web page. One integrated PoC published by Leo proves the error through a Daily Mail website.

By the XSS flaw, the security researcher was able to modify the site's content externally, and because of the severity of the vulnerability, it could also be used to steal the content of the site, such as identity cookies or login a user while browsing.

Changes to HTML and theft of cookies by a hacker could be used for phishing campaigns even on trusted sites.

According to the researcher, the vulnerability was reported to Microsoft on 13 in October of 2014.

Microsoft technicians have been trying to repair the security gap since then.

If you use IE it would be good to change your browser, at least until the vulnerability has been fixed. The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.098 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).