There's a new nasty vulnerability out that basically lets you spoof any URL you want. Want an example?



Notice that IE says in the web address ... and my blog is obviously NOT yahoo.com.

There's no fix for this yet (and probably won't be for a while).

This is pretty scary because spammers can make websites that look exactly like the real site that ask for your CC information ... and then abuse the heck out of the CC cards. Very scary.

So if you get ANY emails asking you to "visit" their site to re-input CC information, DON'T DO IT.

As a side note, I hope all of you are keeping updated on your Microsoft Windows patches; installing the "Critical Updates" will help virus prevention.

. . .

In what seems to be becoming the story of my life, I fell short when I ordered my Chinese food; I only took down $7 when I meant to take down $11.

Then when I went back downstairs to buy a drink, I only took $0.65, when I needed $0.75.

Sigh.
Posted by roy on December 9, 2003 at 06:54 PM in | 9 Comments


MacDaddyTatsu (guest)

Comment posted on February 9th, 2004 at 01:25 PM
Figured out what was wrong. Your link:

http://www.yahoo.com@www.tabulas.com/~roy/

How it works in mine:

http://www.yahoo.com@http://www.tabulas.com/~roy/

MacDaddyTatsu (guest)

Comment posted on February 9th, 2004 at 01:23 PM
Wait, doesn't the "" have to appear AFTER the "@" or am I wrong... God, my memory of these exploits is shot!

MacDaddyTatsu (guest)

Comment posted on February 9th, 2004 at 01:21 PM
The link doesn't work for me.
Comment posted on December 11th, 2003 at 08:42 PM
sorry, comment posted as pierresassoir is from me.
Comment posted on December 11th, 2003 at 12:35 PM
That's why you use Mozilla Firebird instead of IE.
Comment posted on December 12th, 2003 at 02:00 PM
wow, i just noticed that xD

i normally use Mozilla Firebird instead of IE, and i didn't get what the whole fuss was about with the button and yahoo, i don't know. But then i tested it in IE, and now i see the point :x.. aiii...
Comment posted on December 10th, 2003 at 06:29 PM
You can see when it's loading that it's not the real site. At the bottom it is something like "Opening page http://www.yahoo.com@www.tabulas.com/~roykim..."
Comment posted on December 10th, 2003 at 06:48 PM
Yes, but how often are you looking down at your status bar while surfing the web?
Comment posted on December 11th, 2003 at 08:35 PM
true
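
The link quoted in the comments puts `www.yahoo.com` in the userinfo part of the URL, before the `@`; the host that is actually contacted is whatever follows it. The example below is added here and is not code from the original post: it parses links the way a URL parser does and flags any whose userinfo looks like a host name. The function names and the sample message are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Userinfo that itself looks like a host name, as in the link quoted above.
HOSTLIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample message, not taken from a real email.
SAMPLE_EMAIL = """\
Please re-enter your card details here:
http://www.yahoo.com@www.tabulas.com/~roy/
Help page: http://www.yahoo.com/help
Profile: http://example.com/users/@roy
"""


def inspect_url(url):
    """Report the host a URL really points at and classify its userinfo."""
    try:
        parts = urlsplit(url)
        real_host = parts.hostname
    except ValueError:
        return {"url": url, "real_host": None, "userinfo": "", "verdict": "unparseable"}
    # Everything before the last '@' in the authority is userinfo, not the host.
    userinfo = parts.netloc.rpartition("@")[0]
    username = unquote(userinfo.partition(":")[0])
    if not userinfo:
        verdict = "ok"  # an '@' later in the path or query does not count
    elif HOSTLIKE.match(username):
        verdict = "spoof-suspect"  # user name dressed up as a trusted domain
    else:
        verdict = "userinfo-present"  # embedded credentials, still worth review
    return {"url": url, "real_host": real_host, "userinfo": userinfo, "verdict": verdict}


def scan_text(text):
    """Return findings for every http(s) link in text that carries userinfo."""
    findings = []
    for match in URL_RE.findall(text):
        result = inspect_url(match.rstrip(".,;:)"))
        if result["verdict"] != "ok":
            findings.append(result)
    return findings


if __name__ == "__main__":
    for finding in scan_text(SAMPLE_EMAIL):
        print(f'{finding["verdict"]}: shows "{finding["userinfo"]}", '
              f'connects to {finding["real_host"]}')
```

A mail filter or link checker can apply the same test before a link is shown to the user, displaying `real_host` instead of the raw URL.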