Internet Explorer is Leaking Anything You Type in the Address Bar

toggle-button

Internet Explorer logoA newly discovered issue leaks or reveals all the text that you type in to the address (URL) bar, including website addresses and searches. Microsoft has not released a patch for this issue.

The vulnerability lets a website view everything you type in to the address (URL) bar of Internet Explorer, potentially exposing the information to malicious websites, data harvesting by companies that advertise online, or hackers. If you use the address bar to perform searches, those are visible as well, though not searches that you type directly into a search engine.
Microsoft hasn't released a patch for this issue yet, but says they plan to do so as soon as possible. Whether they will wait until patch Tuesday or issue an out of band fix remains to be seen. If you use Microsoft's Edge browser that shipped with Windows 10, you should be fine since the issue seems to impact Internet Explorer.

If you use Internet Explorer, switching to another browser until this issue is resolved is a good idea, or, be very cautious about any personal or sensitive information you type into the address bar.
ArsTechnica has more details and a proof of concept video if you're interested in the nuts and bolts of this issue.


You can find more Tech Treats here.

Please rate this article: 

Your rating: None
4.61905
Average: 4.6 (21 votes)
toggle-button

Comments

It impacts the latest version of Internet Explorer 11. How long ago the latest update was released, I haven't been able to track down.
October 2013 is the last version of IE, but what updates have been made and when they were made since then, I don't know.

 

Thanks rhiannon.

Since when this has been happening? Well, thank goodness I don't use Internet Explorer.