Imagine that you’ve clicked on a link purporting to be that of your bank and the page you see says you’re on your bank’s site and it looks like your bank’s site. However, you’re really on a website cleverly crafted to make you believe it’s safe to give up your private information: passwords, credit card numbers, etc.

The latest vulnerability in Internet Explorer, reported by Secunia, allows the address bar to show a different address than the page you are on. I just tried it and—sure enough—IE 6 showed that I was on www.google.com with content from Secunia. What if that second page was made to look like Google’s?

As I write this I have all the latest patches from Microsoft, yet this vulnerability hasn’t been fixed since it was reported on April 4. Just one more reason why OfficeMedic recommends that you get Firefox.