Internet Explorer can be exploited to read what you type in the URL bar

If you still use Microsoft’s Internet Explorer, then you should be aware there’s a bug in the browser which leaks the URL (or anything else) you type into the address bar.

The problem affects the latest version of Internet Explorer and was discovered by security researcher Manuel Caballero.

As Ars Technica reports, the flaw allows the website the user is currently visiting to view any text they type into the browser’s address bar, with that text becoming readable as soon as they leave (i.e. as they hit the enter key).

This means that a maliciously-controlled website can exploit the bug to grab the URL of the next website that you’re visiting, or if you’ve typed text into the address bar, it will also snaffle that – because Internet Explorer will automatically convert that to a search (on Bing by default).

And the victim won’t be aware that this has happened, because they’ll simply be whisked off to whatever website or search they entered.

  • Upgrade to the Surface Pro 4 for a modern web browsing experience

Time to move on?

Given the news yesterday that Windows 8.1 has been hit by a nasty bug which prevents users from logging onto their PC with a Microsoft account – and with no apparent ETA on a fix – maybe it’s time folks started seriously thinking about moving away from ageing Microsoft software.

Of course, if you are on Windows 10, it has the Edge browser as well as Internet Explorer, and the former is obviously where the software giant’s focus lies – particularly when it comes to security aspects.

As Caballero himself observes: “[Microsoft is] really moving forward regarding Edge, design bugs, and they even extended its bug bounty, which seems to be permanent now … but I still believe it is not acceptable to leave IE wide open.”

“In my opinion, Microsoft is trying to get rid of IE without saying it. It would be easier, [and] more honest to simply tell users that their older browser is not being serviced like Edge.”

Naturally some users are forced to go with Internet Explorer due to legacy issues with services or sites, but if you have a choice, it seems like an increasingly good idea to step up to a contemporary piece of software – whether that’s Edge, Chrome or Firefox, or indeed another alternative.

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).

Latest in Browsers
Woman using a Windows computer with Microsoft Edge
Don’t panic – Microsoft’s Edge browser isn’t about to subject you to a flood of unblocked adverts (not yet, anyway)
Google Chrome browser icon
A new split-screen feature is coming to Google Chrome, and it's surprisingly powerful
The Microsoft Edge logo on a black background displayed on a laptop screen.
Microsoft just gave Edge a great new feature to ensure the browser doesn’t slow down the PC, and it’s tempting me to switch from Google Chrome
Google Chrome with Christmas theme in Windows 11
I've used Edge, Firefox, and Opera, and yet after ten years in tech journalism, I still come back to Chrome
Woman using a Windows computer with Microsoft Edge
Microsoft gets rid of ‘Edge uninstall’ advice page after facing criticism over it having nothing to do with removing the app, and just promoting the browser instead
Microsoft Edge
Sorry, you're not getting Microsoft Edge off of your PC, at least according to its new 'uninstall' document
Latest in News
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Boston Dynamics all electric Altas
This robot can do a cartwheel better than me and now I'm freaking out – but in a good way
A image of Saros character Arjun
Housemarque’s boss is surprisingly positive about Sony’s acquisition – and it’s good news for Saros
Oura Ring 4
One of Apple's top health execs is ditching the company for Oura, and I've never been more convinced smart rings are the future
Living room with Microsoft Xbox Series X (L) and Sony PlayStation 5 home video game consoles alongside a television and soundbar, taken on November 3, 2020.
The PS5 is currently selling faster than the PS4 did in the US, but I'm surprised to discover that the Xbox Series X and S are trailing behind Xbox One
Nvidia logo
Nvidia RTX 5060 Ti could be delayed to mid-April and RTX 5060 to mid-May – is AMD starting to look like a clear winner in the battle of Blackwell vs RDNA 4 GPUs?