Microsoft will not block spoofing threat

Microsoft says it will not adapt Internet Explorer to stop malicious Java dialog boxes appearing on trusted sites that users have accessed.

Microsoft says it will not adapt Internet Explorer to stop malicious Java dialog boxes appearing on trusted sites that users have accessed.

 

The problem, reported by security research company Secunia, affects all browsers and not just Internet Explorer.

 

The dialog boxes appear on users’ desktops if they have previously visited a malicious website and have inadvertently downloaded rogue JavaScript code onto their machines.

 

The boxes are a phishing attempt to get users to enter sensitive data such as passwords, which can be forwarded to remote fraudsters.

 

Microsoft is the first company to react to the threat, via an advisory on its TechNet site.

 

The company said the threat was not a result of a bug in its browser, but could only happen as a result of standard browser functionality.

 

It said users could tell that a dialog box that popped up was false by the lack of an address bar and a lock icon.

 

Microsoft has instead referred users to two sites that inform users about how to spot such spoofing attacks. 

 

A firewall installed on users’ machines would help to prevent the rogue code being downloaded in the first place.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close