IE Leaks Contents of URL Address Bar

IE Leaks Contents of URL Address Bar

A security researcher recently discovered an Internet Explorer bug that attackers can use to see anything that a user types in his URL address bar.

Manuel Caballero says in a technical writeup that the bug can occur when IE loads a malicious HTML object and features the compatibility meta tag in its source code, two conditions which are fairly easy to meet.

Caballero adds that the bug is a big privacy risk since it can be used not only for reconnaissance operations, but also for data harvesting.

Source: Bleeping Computer

Disini & Disini Law Office