ush.it - a beautiful place

IE7 ping back home, MS and your browsing history

December 20, 2006 at 9:15 pm - Filed under Insecurity, Language EN - 299 words, reading time ~0 minutes - Permalink - Comments

Is seems that Microsoft Internet Explorer 7 with the phishing filter active ping back home for every URL requested. This could be the default in many environments.

[zeno] HA!
[zeno] IE7 sends a request to MS for EVERY single URL your visit when phishing filter is on
[zeno] including internal hosts
[zeno] friend just found out
[zeno] he's posting to the lists soon
[transzorp] they don't let you specify an intranet?
[zeno] default settings
[zeno] at an enterprise that would be the most likely configuration
[transzorp] yeah

If confirmed we will hear more on this very soon. URLs often contains precious informations: "hidden" folders, user sessions, data, etc. This is not a new behavior, a lot of plugins/addons act so (think about plugins that show google pagerank or alexa rank diuring navigation) but you have actually to install 3rd party extensions/plugin/widget/whenever to be spy ed! With IE7 this is included in the bundle :)

UPDATE: the author published a post on the finding: IE7 Phishing vs. Privacy

Today I was testing WebInspect on my newly installed version of Vista with IE7 and found something startling. When running a browser through a proxy you can see soap requests being made to Microsoft as you hit each page.

UPDATE 2: Thierry Zoller wrote an article on how MS tracks the Search terms you enter in the URL bar even when the results are displayed by Google! Microsoft monitors Search queries - SP2

THP USH Wisec DigitalBullets