Microsoft blunts hooks of nasty Internet Explorer phishing flaw

Microsoft is investigating an alleged vulnerability in its flagship Internet Explorer browser. The cross-site scripting hole disclosed Saturday by hacker David Leo includes functional proof of concept code, according to confirmed reports. Vulture South reported the flaw to Microsoft Friday and has been told it is working to …

  1. This post has been deleted by its author

  2. RyokuMas
    Facepalm

    Another day...

    ... another IE vulnerability. No wonder MS are pushing this new Spartan project.

    But then again, if the software business doesn't work out, the IE team could always link up with the guilty parties behind Flash and go into hardware... kitchen hardware... specifically sieves, colanders and those spoons you use for draining veggies...

  3. Tom Chiverton 1

    Where the exploit is explained

    Oh no it isn't.

    1. Michael Wojcik Silver badge

      Re: Where the exploit is explained

      True, neither Leo's site, nor his essentially identical posts to Bugtraq and Full Disclosure, actually explain the vulnerability.

      As Fowler's follow-up (quoted in the article) implies, though, it's possible to reverse-engineer Leo's attack from the page source. It's convoluted, to put it mildly, but the meat of it is setting window.frames[0].document.body.innerHTML, in a script that's set as the location of top.frames[1].

      There's also another script that mucks about with loading Cloudflare, and Ben Lincoln on Full Disclosure asks if this vulnerability only applies to (IE and) sites that use Cloudflare. I haven't looked into the matter myself.

      Also on FD, Zaakiy Siddiqui notes that IE 9 does not seem to be vulnerable, but Spartan apparently is.

  4. Anonymous Coward
    Trollface

    working to develop a patch. We've not been offered a timeframe for the fix.

    In no less than 90 days.

    1. Michael Wojcik Silver badge

      Leo reported it to Microsoft on 13 October. They've already had more than 90 days.

      (And I don't understand the title of the article. In what sense has Microsoft "blunted" anything about this vulnerability? Does telling Darren Pauli that, oh yeah, they expect they'll fix it eventually count as remediation now?)

  5. Anonymous Coward
    FAIL

    How about Devs stop being lazy?

    X-Frame-Options and X-XSS-Protection are nothing new, just like lazy devs that fail to implement basic, simple protections.....mostly because they never have a clue about how the applications they build actually work, or are being used. ....they never take control, just place blame.

    Just ask them to set frame options and you'll usually hear, "Well, what if someone is framing our site?" Yeah .... no clue how the site is being used.
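Added example, not part of the thread or of any commenter's post: a Python check for the framing restriction the last comment names, run over raw response headers. It goes beyond the comment by also reading the CSP `frame-ancestors` directive, which lets a site name the specific origins allowed to frame it; the function names, sample responses and `partner.example` are constructed for illustration.

```python
VALID_XFO = {"DENY", "SAMEORIGIN"}  # ALLOW-FROM is obsolete; treated here as invalid

# Constructed sample responses (not captured from any real site).
SAMPLE_OPEN = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
SAMPLE_PARTNER = ("HTTP/1.1 200 OK\r\nContent-Security-Policy: default-src 'self'; "
                  "frame-ancestors 'self' https://partner.example\r\n")
SAMPLE_CONFLICT = "HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN, DENY\r\n"
SAMPLE_ALLOW_FROM = "HTTP/1.1 200 OK\r\nX-Frame-Options: ALLOW-FROM https://partner.example\r\n"

def parse_headers(raw):
    """Parse a raw header block into {lowercased-name: [values]}, keeping duplicates."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:  # skip the status line
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def frame_ancestors(csp_values):
    """Return the frame-ancestors source list from CSP header values, or None."""
    for policy in csp_values:
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                return parts[1:]
    return None

def audit_framing(raw):
    """Return a list of findings; an empty list means framing is restricted."""
    h = parse_headers(raw)
    findings = []
    # Repeated headers may arrive folded into one comma-separated value.
    xfo = [v.strip().upper() for val in h.get("x-frame-options", [])
           for v in val.split(",")]
    ancestors = frame_ancestors(h.get("content-security-policy", []))
    if not xfo and ancestors is None:
        findings.append("no framing restriction: any origin can frame this response")
    for v in xfo:
        if v not in VALID_XFO:
            findings.append(f"X-Frame-Options value {v!r} is not DENY or SAMEORIGIN")
    if len(set(xfo)) > 1:
        findings.append("conflicting X-Frame-Options values")
    if ancestors is not None and "*" in ancestors:
        findings.append("frame-ancestors allows every origin")
    return findings
```

`SAMPLE_PARTNER` is the case raised by "what if someone is framing our site?": the legitimate framer is listed by origin, so the response passes with no findings.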
