Thursday, October 26, 2006 8:29 AM
cmosby
SANS Internet Storm Center - MSIE IE7 Popup Address Bar Spoofing Vulnerability
There is a great workaround for this problem here; it is not perfect, but it
will make it harder to get fooled.
Secunia (http://secunia.com/advisories/22542/) is reporting a new
Microsoft Internet Explorer (MSIE) 7.0 vulnerability. This vulnerability allows
a malicious site to spoof the content of the address bar. Instead of the actual
URL, the user will see a "fake" URL. We tested the vulnerability and found it to
work quite well. As a quick workaround you may want to configure MSIE 7.0 to
open new windows in a new tab. In order to do this, Tools -> Internet Options
-> Tabs Settings -> When a pop-up is encountered: Always open pop-ups in a
new tab.

The PoC exploit by
Secunia is pushing the real URL off the screen to the left by adding multiple
'%A0' characters between the real URL and the string 'www.microsoft.com'. It
appears that the new window will only show the right-most part of the URL. For tabs,
the left-most part is shown.
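As an added defensive example (not code from the ISC diary or from Secunia), the Python below scans URLs for the padding pattern described above: a long run of encoded no-break spaces followed by a decoy host name, which is what a truncated address bar would show. It goes slightly beyond the advisory by also checking the UTF-8 form %C2%A0 and a raw U+00A0; the proxy-log layout and every host name in it are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# No-break space in a URL: raw U+00A0, single-byte %A0 (as in the PoC) or UTF-8 %C2%A0.
NBSP = r"(?:%C2%A0|%A0|\u00a0)"

def analyze_url(url, min_run=4):
    """Report whether url holds a run of at least min_run no-break spaces after
    the host (the padding pattern from the advisory) and what text follows it."""
    parts = urlsplit(url)
    # Everything after scheme and host: the only place a padding run can sit.
    tail = url[url.find(parts.netloc) + len(parts.netloc):]
    run_re = re.compile(NBSP + "{" + str(min_run) + ",}", re.IGNORECASE)
    info = {"real_host": parts.hostname, "suspicious": False,
            "pad_count": 0, "decoy": None}
    longest = None
    for m in run_re.finditer(tail):
        count = len(re.findall(NBSP, m.group(0), re.IGNORECASE))
        if longest is None or count > longest[0]:
            longest = (count, m.end())
    if longest:
        count, end = longest
        # Whatever follows the padding is what a truncated address bar shows.
        decoy = re.match(r"[^\s&#]*", tail[end:]).group(0)
        info.update(suspicious=True, pad_count=count, decoy=decoy or None)
    return info

def triage_proxy_log(lines, min_run=4):
    """Scan '<timestamp> <client> <url>' lines; return (client, real_host, decoy) per hit."""
    hits = []
    for line in lines:
        fields = line.split()
        if len(fields) >= 3:
            info = analyze_url(fields[2], min_run)
            if info["suspicious"]:
                hits.append((fields[1], info["real_host"], info["decoy"]))
    return hits

# Constructed sample log (not from the advisory): two ordinary requests and
# one pop-up URL padded with forty %A0 characters before a decoy host name.
SAMPLE_LOG = [
    "2006-10-26T08:29:01 10.0.0.5 http://www.example.com/index.html",
    "2006-10-26T08:29:02 10.0.0.5 http://files.example.org/a%A0b.pdf",
    "2006-10-26T08:29:03 10.0.0.7 http://lure.example/popup?"
    + "%A0" * 40 + "www.microsoft.com",
]

if __name__ == "__main__":
    for hit in triage_proxy_log(SAMPLE_LOG):
        print("client %s: real host %s, address bar would show %r" % hit)
```

A single stray no-break space (the second sample line) is not flagged, so the check can run over a full proxy log without drowning in benign hits.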
This vulnerability has a lot of potential
for phishers or others who attempt to trick the user into trusting the popup
window as much as they trust the site displayed in the main window.