28 Sep IE Leaks Contents of URL Address Bar
A security researcher recently discovered an Internet Explorer bug that attackers can use to see anything that a user types in his URL address bar.
Manuel Caballero says in a technical writeup that the bug can occur when IE loads a malicious HTML object and features the compatibility meta tag in its source code, two conditions which are fairly easy to meet.
Caballero adds that the bug is a big privacy risk since it can be used not only for reconnaissance operations, but also for data harvesting.
Source: Bleeping Computer