Vulnerability in stealing input to address bar into Internet Explorer

bySean MacEntee

In Internet Explorer, it turned out that there was a vulnerability that a malicious third party could obtain information on what the general user put in the address bar.

Revealing the content of the address bar (IE) - Broken Browser

Internet Explorer bug leaks whatever you type in the address bar | Ars Technica

This was released by Michael Caballero, a web security expert.

You can use the object tag when embedding external data such as images, movies, sounds and HTML documents. However, according to Caballero, if the document mode of the page is specified as IE 8 or less with the latest Internet Explorer, the content embedded as the object tag behaves like an iframe but it recognizes as if it is the top window There is a bug in Internet Explorer that it will be done.

In this state, if malicious HTML or JavaScript code is inserted into external content such as advertisement or movie, the attacker can not know the keyword typed in the address bar by the user of the website .

Mr. Caballero has created a test site called "PROOF OF CONCEPT". By opening and touching the following URL in Internet Explorer, you can see what kind of thing will happen.

PoC - Revealing the content of the address - bar on IE

This is a hypothetical test site that malicious external content was embedded.

When typing a keyword in the address bar ......

"Let's read in your head, the search word has been acquired by the attacker that it is the page you want to go to" this page. In fact, since such a page is not displayed, the user will get his own information without knowing it.

You can also see how information is acquired from the following movies.

Revealing the content of the address bar on IE - YouTube

Microsoft in 2016Deprecation of Internet Explorer other than the latest versionAlthough it announced, there are many users of Internet Explorer as of 2017, Mr. Caballero urges attention that this vulnerability is "concern". "Microsoft is about to throw away the IE without clear words, and to be honest to say to the user" IE can not provide services like Edge ", it will be easier to prompt users to change "And" I firmly believe that IE should receive treatment like Edge as far as security is concerned, unless it completely throws away. "

in Software,   Video,   Security, Posted by logq_fa