June 8, 2006

A new security flaw has been discovered in Microsoft's Internet Explorer and Mozilla's Firefox browsers. Both are vulnerable to a new Java Script security hole that could allow attackers to rob sensitive information. According to a posting on the Full Disclosure security mailing list, the security flaw affects patched browsers on Windows, Linux and the Mac operating system.

The issue is caused by the 'OnKeyDown' JavaScript feature that allows websites to capture and duplicate keystrokes entered into data fields, including fields where users enter credit card information.

Security experts noted that exploiting the flaw would require the user to type a fair amount of text. Attackers would therefore most likely target online games or blogs.

Security website Secunia rated the flaw 'less critical' for Internet Explorer and Firefox.

Although the flaw requires a sophisticated attacker to effectively exploit it, it is noteworthy because it spans multiple operating systems and browser vendors.

The SANS Internet Storm Centre warned users to be cautious in allowing JavaScript to run.

Source: Vnunet

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.