Internet Explorer security

Details Emerge on IE 8 Data-Stealing Bug

Security researcher Chris Evans has released details of the data-stealing bug in Internet Explorer 8 that he publicized earlier this month, saying that the CSS flaw can be used to force victims to post messages on Twitter and that the bug appears to be no closer to being fixed.

Busting Frame Busting

In this video from the OWASP AppSec Research conference, Gustav Rydstedt from Stanford University, discusses frame-busting and clickjacking vulnerabilities on popular Web sites.

Microsoft Confirms New IE Data Leakage Flaw

Microsoft today issued a security advisory to acknowledge an information disclosure hole in its Internet Explorer browser and warned that an attacker could exploit the flaw to access files
with an already known filename and location.The vulnerability was first discussed at this week’s Black Hat DC conference by Jorge Luis Alvarez Medina, a security consultant with Core Security
Technologies.   Microsoft says the risk is highest for IE users running Windows XP or who have disabled the browser’s Protected Mode feature.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.