All the latest UK technology news, reviews and analysis
|
|
|
18 Apr 2002
Security experts have warned that using the 'back' button in Internet Explorer (IE) can be dangerous for your data.
According to research from Andreas Sandblad, of the University of Umea in Sweden, IE allows URLs containing Java script into the browser's history list.
Code injected into a hyperlink or URL can be set to trigger when the back button is clicked and will operate in the same zone as the last URL viewed.
When a page fails to load the typical response is to hit the back button and, because the 'this page cannot be displayed' error operates from the local computer, malicious code can be executed on the local computer and local files can be read.
All versions of IE are thought to be affected, although some examples of code will only work on certain versions of Windows. Microsoft was contacted about the issue in November and again in March, but has not responded.
Currently the only workaround is to disable active scripting in the browser or stop using the back button.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Danish Speaker Required. Helpdesk. Liverpool. £11-£12...
Solution Network Engineer / Network Engineer - Docklands...
ROLE: Web Developer - Market Leader LOCATION: Watford...
Test Engineer Payments (UAT) - Leading IT Consultancy...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?