Internet Explorer flaw may let ad firms track mouse input, Microsoft says that will change

Many of us already complain that web ads follow us too closely. You can understand why Internet Explorer users might be nervous, then, when Spider.io claims that the ads are even tracking their mouse movements. A JavaScript hole in Internet Explorer 6 through 10 reportedly lets intruders follow along with the onscreen pointer, regardless of whether or not the browser is the active app. That could easily prove a security risk for anyone using a virtual keyboard, including some tablet owners. Microsoft has confirmed that it's investigating and plans to "adjust this behavior," although it takes issue with Spider.io both focusing on IE and decrying two ad analytics firms that are supposedly exploiting the flaw today. The Redmond team argues that other browsers have "similar capabilities" and that Spider.io has ulterior motives, being an ad analytics firm itself -- it allegedly wants to knock down two competitors that it doesn't think are playing fair. We've asked Spider.io for its reaction and will get back if we're told more. In the meantime, don't be too alarmed when the vulnerability would likely only work with detailed knowledge of the target PC.

Tags: browser, exploit, flaw, internetexplorer, internetexplorer10, javascript, microsoft, mouse, tracking, vulnerability 

 

source

Posted in: Bussiness / Technology