A researcher has disclosed an Internet Explorer bug that allows a hacker to steal the text from the browser’s address bar.
As reported by ArsTechnica, this bug affects only the latest version of Internet Explorer and doesn’t appear to affect Microsoft Edge, which is the default browser in new Windows 10 installations. That said, Internet Explorer 11.0 is still the second most popular browser and more popular than Edge.
Researcher Manuel Caballero disclosed the bug on 26 September and showed that it’s possible for a script to steal the text entered into the IE address bar when the user presses the ‘Enter’ key.
Internet Explorer is a legacy browser that is far less secure than just about every other browser on the market, including Microsoft Edge.
While Microsoft still supports IE, Edge is its real focus. As Caballero points out in his blog post, several IE bugs are yet unpatched and have remained so for months on end.
As Caballera notes, given Microsoft’s apparent lethargy when it comes to developing IE, the company should either remove the browser entirely or do more to clarify the messaging surrounding the browser.