Microsoft Internet Explorer Vulnerability Warning Issued

The flaw focuses on IE's inline frames, often used for serving ads, which typically come from a different domain than content that appears on the same Web page. Microsoft's Internet Explorer 6, 7, and 8 beta 1 appear to contain a security flaw that could subject users who visit a malicious Web site or open a malicious e-mail message to arbitrary code. U.S. CERT has published a vulnerability note indicating Internet Explorer doesn't handle document frames securely.Document frames can be used to subdivide Web pages such that the content associated with each division comes from a different server or domain. These "iframes," or inline frames, often are used for serving ads, which typically come from a different domain than content that appears on the same Web page.The problem, as U.S. CERT describes it, is that "Microsoft Internet Explorer fails to properly restrict access to a document's frames, which may allow an attacker to modify the contents of frames in a different domain." Link: Secunia Security Advisory View: Full Article @ InformationWeek Read full story...

 


http://feeds.feedburner.com/~r/neowin-main/~3/325081161/microsoft-internet-explorer-vulnerability-warning-issued