IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [internet-explorer]

Internet Explorer is a web browser from Microsoft. It is the default web browser in Microsoft Windows.

Internet Explorer is a web browser from Microsoft. It is the default web browser in Microsoft Windows.

60 questions
5
votes
1 answer

What is the implication of HSTS on unsupported browsers?

HSTS is currently available only on Edge and IE11. What will be its implication on lower browser versions (IE9 & IE10)? How will HSTS behave? Will there be any impact on the site?
ChallengeMe
  • 153
  • 1
  • 3
  • 10
5
votes
1 answer

Mixed Content error in IE11 - HTTPS resource on HTTP page

I have an HTTP webpage with a piece of JavaScript that adds an iframe to the page. The iframe is pointing to an HTTPS page. In the IE11 developer console, this error appears: SEC7111: HTTPS security is compromised by https://www.example.com. This…
Ben Amada
  • 151
  • 1
  • 1
  • 3
4
votes
3 answers

How to avoid fake "Windows Virus Alert"

I was recently browsing online when I came across this page: When I chose to close the tab, I received this message: And after choosing "Leave this page" twice, I receive this message: Choosing OK reverts back to the first message. It appears the…
motoku
  • 231
  • 2
  • 12
4
votes
2 answers

Forcing IE11 to use perfect forward secrey on AWS ELB

I can connect to my server in practically every browser except for Internet Explorer and I cannot figure out why. I am resolving SSL on AWS Elastic Load Balancer (ELB), which is configured to use the following…
conorgil
  • 41
  • 1
  • 3
4
votes
1 answer

How did my homepage get changed in IE?

I have rarely used IE in the past. I just use it to test how a website looks. Today all of a sudden when I went on to open IE, it opened with a homepage that wasn't set by me. It was an address of a pornographic site. I was really shocked to see…
defau1t
  • 141
  • 3
4
votes
2 answers

Can I Prevent Internet Explorer from Storing Login Requests in Memory?

Using Internet Explorer 11 I have been able to login to HTTPS web applications by providing a username and password and then subsequently logout. Whilst the browser process is running I can then dump the browser memory (for example by using WinHex)…
Matthew Murdoch
  • 183
  • 1
  • 6
3
votes
1 answer

Could the causes of CVE-2015-2502 vulnerability be common to Firefox and Chrome?

On Tuesday August 18, 2015, Microsoft published an advisory pointing out a 0-day vulnerability (CVE-2015-2502) that can be exploited by an attacker to perform a remote code execution on Internet Explorer (from version 7 to 11, even if you are…
user45139
3
votes
0 answers

Mechanisms of built-in password managers in browser

I am researching for auto-fill mechanisms in built-in web-browsers password managers. Using windows hosts file i am redirecting browser query to my web-server where i am storing the full copy of login web-form for some site. When I repeat these…
Giuseppe Baldinini
  • 31
  • 3
3
votes
1 answer

How to de-obfuscate a malicious payload?

I've received some spam email that led to a JavaScript file which I assume is malicious. My curiosity got the best of me so I opened the file in notepad and I'm trying to make sense of the code but I cannot decypher the PDF and hex parts. I suppose…
Zeh
  • 33
  • 4
2
votes
2 answers

Internet Explorer - Advanced Properties for Trusted Root Certificates

If you go to IE -> Internet Options -> Content -> Certificates -> Trusted Root Certification Authorities. Now Click on some CA certificates and click on Advanced You can add properties to the certificate. What exactly is this for? Does this…
user93353
  • 1,982
  • 3
  • 19
  • 33
2
votes
2 answers

Browser Updated, yet still vulnerable to POODLE

So here's a situation, some of my company's partners notified us that they will be entirely disable their server's SSLv3 support. This prompts my superior to take this chance to update our operation team's Internet browsers to disable support for…
John
  • 21
  • 2
2
votes
1 answer

What benefit does the IE setting "Block unsecured images with other mixed content" provide?

Internet Explorer has the security setting shown in below screen shot. My understanding is that "unsecured images" are images that are not transmitted over HTTPS. What I am curious about is why does this setting specify the blocking of images, as…
coderworks
  • 519
  • 1
  • 4
  • 13
2
votes
2 answers

Are Internet Explorers "Tracking Protection" able to prevent AddThis canvas fingerprinting?

A paper on web tracking mechanisms identifies the web-tracking company AddThis as a major user of canvas fingerprinting. Are IE:s Tracking Protection, provided Tracking Protection Lists including AddThis entries, able to prevent user identification…
qnyz
  • 211
  • 1
  • 4
2
votes
1 answer

Does Internet Explorer handle Extended Validation properly

I'm reading about Extended Validation (EV) certificates and have a few questions. From what I understand, EV allows domain owners to pay extra for a especially trusted certificate (that the browser will honor with special display properties) and it…
San Jacinto
  • 73
  • 1
  • 6
2
votes
1 answer

How to avoid crash after successfully run shellcode?

I am a student studying information security. Recently I read this article link and made full exploit code. calc.exe is executed as expected. But after running shellcode, IE just crashed. (because no more code provided after shellcode...). I tried…
ruslan
  • 21
  • 4
1
2
3 4