Spider.io reported today that Microsoft has no "immediate plans" to fix the potential Internet Explorer vulnerability which allows any website operator (or advertiser, hacker etc...) to track a visitor's mouse cursor movements. Microsoft's security team has acknowledged the issue but it is unclear if it will ever be resolved.
It was a few months ago that Spider.io first uncovered the interesting Internet Explorer flaw (feature?). Most disturbingly though, the flaw isn't isolated to just the browser window: it extends beyond IE's viewport to anywhere on a user's screen -- it even continues to work while the browser window is minimized. This bug affects IE6, IE7, IE8, IE9 and yes -- you guessed it -- IE10.
Proponents of squashing this bug believe the flaw has obvious privacy implications, but also presents a security risk -- this is particularly for virtual keyboard and keypad users. Physically disabled and security-minded visitors who may use virtual keyboards as a way to preempt keyloggers should be the most concerned. For everyone else though, well... it's just creepy.
One thing that is not mentioned though -- and I'm very curious about this -- is whether or not the flaw extends to Windows touchscreen PCs and tablets. When a user touches an element within Internet Explorer on Windows 8 or RT, for example, can the location of those touches be recorded like the movements of a mouse? If so, this could be a huge security issue for Windows touchscreen users who rely upon an on-screen keyboard, potentially providing a way to expose their passwords and other sensitive information.
Here is Spider.io's demo which demonstrates the potential vulnerability for IE users. Any Surface (or Windows touchscreen) users out there care to give it a shot? Let us know what you find.
The Acer Aspire S7-391 features a 13.3" 1920x1080 LED backlit multi-touch display with Intel HD Graphics 4000, it its powered by an Intel Core i7-3517U (1.9 - 3.0GHz) and 4GB of DDR3 RAM, it packs 256GB SSD and a SD/MMC card reader. Last but not least, the S7 includes 2 USB 3.0 ports and HDMI.
The Microsoft Surface features a 10.6-inch Gorilla Glass display and a vapor-deposited magnesium chassis, the Surface runs a Core i5 Ivy Bridge processor and the latter packing an ARM-based Nvidia chip. The Touch Cover measures 3mm thick and has a multitouch keyboard as well as a trackpad, with a Touch Cover, the Surface measures just shy of half an inch.
The Lenovo ThinkPad X1 Carbon sports an Intel Core i5 3427U processor and integrated HD 4000 graphics, 4GB of RAM, and a 128GB solid-state drive. You can upgrade that to a Core i7 3667U, 8GB of RAM, and up to a 256GB of flash-based storage for an extra ~$150. It also offers one mini DisplayPort, a couple of USB ports (one is 3.0), a 4-in-1 SD card reader, and Ethernet via a USB
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.