Internet Explorer File Download Extension Spoofing

posted by atomix

According to Secunia, one of the more popular internet security sites. There has been an advisory for Internet Explorer allowing someone to spoof the download file extension when attempting to download a file. As said by Secunia, “The problem is that Internet Explorer can be tricked into opening a file, with a different application than indicated by the file extension. This can be done by embedding a CLSID in the file name. This could be exploited to trick users into opening “trusted” file types which are in fact malicious files.” For more information click here. My honest opinion, i find IE gay. Mozilla r0x. =X.

Leave a Reply