Cable Forum - View Single Post

Aragorn · 09-12-2004, 14:28

IE6 on XPSP1 (patched until this months IE patch) with Google popup-blocker is vulnerable.

FF (with Tabbrowser Extensions and standard popup-blocker) is safe. Even tried opening Secunia site and Citibank in separate windows rather than tabs.

Will check the standard SP2 version of IE6 this evening.

Bottom line is - you need to visit a 'malicious' website and then a legit website (via link from malicious site?), that the malicious site knows about, using the same browser and legit website then has to open a pop-up window.

09-12-2004, 14:28	#18
Aragorn Inactive Join Date: Apr 2004 Location: Minas Tirith, Gondor Age: 60 Posts: 3,458	Re: New vuln affects ALL browsers IE6 on XPSP1 (patched until this months IE patch) with Google popup-blocker is vulnerable. FF (with Tabbrowser Extensions and standard popup-blocker) is safe. Even tried opening Secunia site and Citibank in separate windows rather than tabs. Will check the standard SP2 version of IE6 this evening. Bottom line is - you need to visit a 'malicious' website and then a legit website (via link from malicious site?), that the malicious site knows about, using the same browser and legit website then has to open a pop-up window.