By TechWeb Technology News
Hours after word broke that most browsers were vulnerable to a spoofing flaw that phishers could use to pilfer confidential data, Microsoft has declined to issue a security update.
In a security advisory posted on its TechNet site, Microsoft acknowledged that its Internet Explorer browser, including the version packaged with Windows XP SP2, could be used to trick people into entering information such as passwords in a bogus dialog box which appears atop a trusted site.
Microsoft published the advisory, it said, "to clarify the risks associated with browser windows without indications of their origins." But it won't release a security update to fix the flaw because it considers the issue a feature, not a bug.
"This is an example of how current standard Web browser functionality could be used in phishing attempts," the advisory went on.
The Redmond, Wash.-based developer told users that fake dialog boxes could be recognized by the lack of an address bar and lock icon. It also pointed users to a pair of sites for additional info on spotting spoofing attacks and protecting PCs.
Try TechWeb's RSS Feed!Broadcom seeking Sr Staff Business Analyst in San Jose, CA
CAST Software, Inc. seeking Sr Post Sales Engineer in New York, NY
Tower Hill insurance Group, Inc. seeking Programmer in Gainesville, FL
ISES, Inc. seeking C # Engineer in Bridgewater, NJ
Dell, Inc. seeking Counsel, Distribution Law, Channel Sales Division in Austin, TX
For more great jobs, career-related news, features and services, please visit our Career Center.
TechWeb's FREE e-mail newsletters deliver the news you need to come out on top.
Get definitions for more than 20,000 IT terms.
Editorial and vendor perspectives
