1. Attacker sends user (victim) a file;
2. Victim accepts local file, via email, message, save (successful phish)
3. In our scenario the DELETE method is contained in local file, sending DELETE method cross domain to another server (CORS CSRF)
4. The browser <IE8/9> is configured to NOT allow active content in Files or CDs
5. If user (Victim) has administrator privileges on local machine the file executes and victim is given no chance to reject running or respond to a challenge

Our customers believe this is a bug as the cross domain request, CSRF attack is successful. Is there a fix for this issue?
This issue only happens on Internet Explorer 8.