Microsoft has issued a warning against a vulnerability in its Internet Explorer 7 (IE7) browser that could allow attackers to spoof the address of a Web site.
The company said that the flaw lets hackers put a fake Web address in a pop-up window, and could trick users into downloading from what looks like a secure Web site. The hacker can add special characters to the end of the Web address, so that only a part of the URL is displayed.
However, Christopher Budd from the Microsoft Security Response Center Blog has downplayed the flaw, stating that Microsoft's research has shown the full URL can still be displayed by clicking in the browser windows or address bar, or by scrolling within the address bar.
for more:- http://www.techtree.com/India/News/Microsoft_Warns_Against_IE7_Flaw/551-76766-580.html