Malicious Web sites can use the flaw to spoof content from a trusted Web site.
Internet security research group Secunia issued a warning Wednesday about a security vulnerability it says it has discovered within Microsoft's Internet Explorer Web browser. The flaw, which Secunia has ranked as "moderately critical," is found within Internet Explorer versions 5.01, 5.5, and 6, Secunia says in an advisory.
Internet Explorer doesn't block malicious Web sites from inserting "arbitrary content" in an arbitrary frame in a browser window, the Danish security firm says. Secunia says the malicious content will appear as if it originated from a trusted site, which is an attack commonly known as spoofing.
Secunia says it has verified the flaw in "a fully patched Internet Explorer 6 running on Microsoft Windows XP" and that other versions of Internet Explorer could also be affected by this vulnerability.
Secunia's only advice is that Internet Explorer users not visit untrusted Web sites or select a different browser.
Microsoft was not immediately available for comment.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.