I say FINALLY with Bold CAPS. I think it was (re)discovered on December 9. It is February 3 people. I have a great Idea for Windows users: download Mozilla now!
Microsoft Corp., which is bracing for an attack against its Web site by computers infected with the Mydoom virus, issued a patch for what it called a critical flaw in its Web browser software.
Microsoft posted on its Web site a fix for its Internet Explorer Web browser that prevents malicious software coders from making any Web site address look like that of another, a tactic scammers have used to trick individuals into disclosing personal banking information. Microsoft first became aware of the flaws in December, through postings on a security Web site, said Microsoft security program manager Mike Reavey.
Microsoft said it was responding to increased demand from customers for a way to prevent faked Web sites, known as “URL spoofing.” Software coders have in recent weeks sent out e-mail messages directing consumers to fake Web sites whose addresses appear to be those of Citigroup and banks. The scam, known as “phishing,” gulls users into entering their bank account data into a form, which the scammers then mine for information.
“They’ve been aware of some of these problems long before November and December,” said Russ Cooper, a security researcher at TruSecure Corporation of Herndon, Virginia. Cooper said the problems that were fixed were being exploited by scammers as long as two years ago.
Source: The Salt Lake Tribune
This “phishing” flaw really takes the cake. I know M$ takes a while to get patches out (why is beyond me), but this is a serious problem. A lot of people, unfortunately, get swindled into typing in their personal information into these bogus sites. It is almost as if they don’t care at all. Do they?