quote:


The flaw, discovered by accident, would allow criminals to redirect users to fake webpages, even if they typed the correct address into a browser.

Internet giants such as Microsoft are now distributing the security patch.
...

Unresolved the flaw would make it simple to operate "phishing" scams, in which users are directed to fake webpages supposedly for genuine banks or businesses and are tricked into disclosing credit card details or other personal data.

...

Despite the scale of the operation few are expected to see any disruption to their web experience as the patch is applied. It is not thought that the flaw had been exploited prior to its discovery.

quote:


Left open the flaw would have allowed malicious hackers to redirect users to fake websites, even if they typed the correct address.