New IE Download Spoof Found
Malicious Web sites could spoof the file extension of downloadable files.
Security researchers on Wednesday released details of yet another spoofing flaw in Microsoft's
Internet Explorer browser that could trick users into downloading malicious files.
The latest IE bug, which carries a "moderately critical" rating from tech security consulting firm Secunia, could allow malicious Web sites to spoof the file extension of downloadable files. Typically, an attacker could embed a CLS
Secunia has posted an online demonstration of the security hole.
Microsoft has confirmed the development of patches for several known IE vulnerabilities but the complicated testing process had led to a delay in the release of fixes.
Two of the more serious IE flaws that remain unpatched include a