
CSRF CORS attack via phishing using IE8 by Asif Palimar


Status: Active


Type: Bug
ID: 802465
Opened: 9/26/2013 11:59:32 PM
Access Restriction: Public
Workaround(s): 0
User(s) can reproduce this bug: 0

Description

1. Attacker sends user (victim) a file.
2. Victim accepts local file, via email, message, save (successful phish).
3. In our scenario the DELETE method is contained in the local file, sending a DELETE method cross domain to another server (CORS CSRF).
4. The browser (IE8/9) is configured to NOT allow active content in Files or CDs.
5. If user (Victim) has administrator privileges on the local machine, the file executes and the victim is given no chance to reject running or respond to a challenge.

Our customers believe this is a bug, as the cross-domain request (CSRF attack) is successful. Is there a fix for this issue?
This issue only happens on Internet Explorer 8.
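The report above concerns a server that honours a cross-domain DELETE issued from a locally saved page. Whether or not the browser enforces anything, the receiving server can refuse such requests on its own. The following is an added example (not code from the reporter, the reporter's customers, or Microsoft) of the server-side checks a defender would apply to state-changing methods: an origin allowlist (with `null`, the origin standard CORS assigns to `file://` pages in modern browsers, always rejected), a double-submit CSRF token, and a CORS preflight handler that only echoes allowlisted origins. The origins `https://api.example.com`, `https://app.example.com` and `https://attacker.example` and all request samples are constructed for illustration.

```python
"""Server-side guard for cross-origin state-changing requests (added example)."""
from dataclasses import dataclass, field
import hmac
import secrets
from urllib.parse import urlparse

SITE_ORIGIN = "https://api.example.com"            # assumed: the API's own origin
ALLOWED_ORIGINS = {"https://app.example.com"}      # assumed: trusted front-end origin
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)

    def header(self, name):
        # Header names are case-insensitive.
        for k, v in self.headers.items():
            if k.lower() == name.lower():
                return v
        return None


def issue_csrf_token():
    """Random per-session token, set as a cookie and echoed by legitimate pages."""
    return secrets.token_urlsafe(32)


def source_origin(req):
    """Origin header if present, else scheme://host derived from Referer, else None."""
    origin = req.header("Origin")
    if origin:
        return origin
    ref = req.header("Referer")
    if ref:
        p = urlparse(ref)
        if p.scheme and p.netloc:
            return f"{p.scheme}://{p.netloc}"
    return None


def check_state_change(req):
    """Return (allowed, reason). Safe methods pass; state-changing ones are vetted."""
    if req.method.upper() not in STATE_CHANGING:
        return True, "not a state-changing method"
    origin = source_origin(req)
    # No origin, or the opaque 'null' origin of file://, sandboxed and data: pages: deny.
    if origin is None or origin == "null":
        return False, "missing or null origin"
    if origin != SITE_ORIGIN and origin not in ALLOWED_ORIGINS:
        return False, f"origin not allowed: {origin}"
    # Double-submit token: the cookie is sent automatically by the browser, but a
    # cross-origin page cannot read it, so it cannot reproduce it in the header/form.
    cookie_token = req.cookies.get("csrf_token")
    sent = req.header("X-CSRF-Token") or req.form.get("csrf_token")
    if not cookie_token or not sent or not hmac.compare_digest(cookie_token, sent):
        return False, "csrf token missing or mismatched"
    return True, "ok"


def preflight_response(req):
    """CORS preflight (OPTIONS): grant headers only to allowlisted origins, never '*'."""
    origin = req.header("Origin")
    method = req.header("Access-Control-Request-Method")
    if origin in ALLOWED_ORIGINS and method in STATE_CHANGING | {"GET"}:
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Methods": "GET, POST, DELETE",
                "Access-Control-Allow-Headers": "X-CSRF-Token",
                "Access-Control-Allow-Credentials": "true",
                "Vary": "Origin"}
    return {}  # no CORS headers at all: a conforming browser blocks the real request


def sample_requests():
    """Constructed requests: one legitimate, the rest modelled on the report's scenario."""
    tok = issue_csrf_token()
    cookie = {"session": "s1", "csrf_token": tok}
    return {
        "legit": Request("DELETE", "/items/7", {"Origin": SITE_ORIGIN, "X-CSRF-Token": tok}, cookie),
        "cross_origin_delete": Request("DELETE", "/items/7", {"Origin": "https://attacker.example"}, cookie),
        "local_file_delete": Request("DELETE", "/items/7", {"Origin": "null"}, cookie),
        "no_origin_delete": Request("DELETE", "/items/7", {}, cookie),
        "safe_get": Request("GET", "/items/7", {}, cookie),
        "preflight_attacker": Request("OPTIONS", "/items/7",
                                      {"Origin": "https://attacker.example",
                                       "Access-Control-Request-Method": "DELETE"}),
        "preflight_allowed": Request("OPTIONS", "/items/7",
                                     {"Origin": "https://app.example.com",
                                      "Access-Control-Request-Method": "DELETE"}),
    }


if __name__ == "__main__":
    for name, req in sample_requests().items():
        if req.method == "OPTIONS":
            print(f"{name}: preflight -> {preflight_response(req) or 'denied'}")
        else:
            print(f"{name}: {check_state_change(req)}")
```

The origin check alone already rejects the report's case (a page delivered as a file has no origin the server trusts); the token check covers browsers or proxies that strip Origin and Referer, and the preflight handler ensures a conforming browser never issues the cross-domain DELETE in the first place.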
Details
Posted by Microsoft on 11/11/2013 at 4:08 PM
Thank you for your feedback. We will be investigating this issue further.

Best regards,
The Internet Explorer Team