Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: One-click/key attack forces IE and Chrome to execute malicious code

29 Jun 2013   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
One-click/key attack forces IE and Chrome to execute malicious code

Quote:
A researcher says he has uncovered a security weakness that can easily trick people into executing malicious code when they use the Microsoft Internet Explorer and Google Chrome browsers to visit booby-trapped websites.

The attack was recently presented at the Hack in the Box security conference by independent security researcher Rosario Valotta. It exploits weaknesses in the way browsers notify users when they execute operating-system-level commands, such as printing or saving. He said the attack works against Windows 7 and Windows 8 users running IE versions 9 and 10 when they enter either one or two characters while visiting a malicious website. Windows 8 machines running Chrome can be forced to execute malicious code when users click on a single HTML button on a malicious page, such as "Play" for a video or a Facebook "Like." Windows provides some protection against this social engineering attack, but Valotta said attackers can often bypass those defenses.
Source

A Guy


My System SpecsSystem Spec
.

Reply

 One-click/key attack forces IE and Chrome to execute malicious code




Thread Tools





Similar help and support threads
Thread Forum
Corel software vulnerabilities let attackers execute malicious code on
Corel software vulnerabilities let attackers execute malicious code on your PC Source A Guy
Security News
Cyber attack that sent 750k malicious emails traced to hacked fridge
Cyber attack that sent 750k malicious emails traced to hacked refrigerator, TVs and home routers Source A Guy
Security News
How do I program a key on my keyboard to execute a left click?
I have a Microsoft ergonomic keyboard 4000 which came with IntelliType Pro software. I want to program a particular key on the to execute a left click whenever I press that key. Is this possible to do?
Hardware & Devices
Report: malicious PDF files becoming the attack vector of choice
Read more: Report: malicious PDF files becoming the attack vector of choice | ZDNet
Security News
Attack Toolkits and Malicious Websites
Internet Security Threat Report, Security research and analysis | Symantec http://news.softpedia.com/news/Attack-Toolkits-Rule-the-Web-Threat-Landscape-179060.shtml
Security News
Alert:Threat Type: Malicious Web Site / Malicious Code
Source - Office.Microsoft.Com Search Results Can Lead To Rogue Anti-Virus - Security Labs Alert
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 19:26.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App