Microsoft Internet Explorer Hidden Browser Window Restriction Bypass Vulnerability

2016-03-10T00:00:00
ID ZDI-16-195
Type zdi
Reporter Simon Zuckerbraun - Trend Micro Zero Day Initiative
Modified 2016-06-22T00:00:00

Description

This vulnerability allows remote attackers to create an invisible browser window on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the window.close() method. By issuing a particular sequence of script commands, an attacker can invoke window.close() and then continue executing script for an indefinite amount of time after the window has already been closed, and even after all browser windows have been closed. The user has no visual indication that script from the attacker's web page is still executing and there is no conventional UI available for stopping it.