Despite all the publicity over IE7’s spanking new anti-phishing filters, it seems that they just can’t stop some attacks getting through. Microsoft has announced it is investigating a possible new vulnerability that could allow phishing hackers to send users to malicious sites.
Phishing is when a site that appears to be genuine is actually fake. Hackers often target banking sites for such scams to capture users’ personal information and account login information. The vulnerability has been identified as a ‘cross-site scripting’ issue which redirects users to fake sites. The hole is exploited when hackers inject code into the scripts running in IE7. In the case Microsoft is investigating, the script triggers a ‘Navigation Cancelled’ error page when IE is loading. The link displayed on the page can then be used by hackers to point at malicious sites.
The incident comes as something of an embarrassment to Microsoft, which only last December had to issue updates for IE7’s phishing filter. The update addressed an issue some users were experiencing where the filter hogged CPU usage. It was a particular problem when surfing pages that contained frames or multiple frames, which sent the filter into a spin.
At the moment, the suspected threat is limited to Windows XP and Vista. If you’re worried about the threat to your PC in the meantime, try Phishing Zapper or BPS Phishing Blaster. Neither can guarantee protection against this attack, but both should considerably reduce your chances of being hit.