New vulnerability found in IE 5.01-6.0

Well, it’s newly discovered, but it’s a six year old bug… Basically, IE doesn’t check which window a frame is in, so window #1 can open a page inside a frame in window #2. This has been verified on a fully patched WinXP/IE6.

Here’s an example. will open in a new window. Once that’s loaded, come back here and inject into Windows Update. Switch back to the Windows Update window, and tell me what you see.

Now imagine if I had used a fake updates page linked to spambots and keyloggers instead of my obviously-not-WindowsUpdate page… It seems like no matter how many major IE bugs get fixed, there’s always another one coming up…

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: This post is over 5 years old. You may want to check later in this blog to see if there is new information relevant to your comment.