Vulnerability in Internet Explorer Allows for Mouse Movement Tracking

bp9801 - December 12, 2012 10:10PM in Bugs / Virus

Security vulnerabilities of any kind are never a good thing, and today's revelation is certainly one to be wary of. Analysis company Spider.io has identified a vulnerability in Internet Explorer 6 through 10 that allows mouse movements to be tracked, even if the browser is minimized or inactive. A particularly bad part of this vulnerability is it even tracks movement across virtual keyboard and keypads, like you'd find on touchscreen devices. Spider.io says it's "already being exploited by at least two display ad analytics companies across billions of page impressions per month," which isn't the best thing anyone wants to hear. An attacker can purchase an ad on any website to gain access, even on sites like YouTube, and then track your mouse movements so long as the page with the ad is open.

Spider.io submitted the vulnerability report to Microsoft at the beginning of October, but the company said there are no "immediate" plans to patch it. Hopefully soon there is a resolution for it to make the browser safe once again.