A newly discovered issue leaks or reveals all the text that you type in to the address (URL) bar, including website addresses and searches. Microsoft has not released a patch for this issue.
The vulnerability lets a website view everything you type in to the address (URL) bar of Internet Explorer, potentially exposing the information to malicious websites, data harvesting by companies that advertise online, or hackers. If you use the address bar to perform searches, those are visible as well, though not searches that you type directly into a search engine.
Microsoft hasn't released a patch for this issue yet, but says they plan to do so as soon as possible. Whether they will wait until patch Tuesday or issue an out of band fix remains to be seen. If you use Microsoft's Edge browser that shipped with Windows 10, you should be fine since the issue seems to impact Internet Explorer.
If you use Internet Explorer, switching to another browser until this issue is resolved is a good idea, or, be very cautious about any personal or sensitive information you type into the address bar.
ArsTechnica has more details and a proof of concept video if you're interested in the nuts and bolts of this issue.
You can find more Tech Treats here.
Please rate this article: