Yosuke Hasegawa is an engineer of NetAgent Co.,Ltd. He has received the Microsoft MVP award for Windows Security every year since 2005. He has investigated on the security issues that the character encoding such as Unicode causes. He has discovered a lot of vulnerabilities of various software applications including Internet Explorer and Mozilla Firefox so far.
Internet Explorer 6 (IE6) is, as Microsoft themselves admit, already an outdated 'spoiled milk' web browser. Actually IE6 has loads of vulnerabilities and security flaws left untouched for years. It is, however, true of a little newer Internet Explorer 7 as well. In this session, I would explain such 'spoiled milk' browsers' vulnerabilities related to Web Applications and improper implementations which were spotted ages ago and still have not been effectively addressed. It will also include demonstrations of some exploits.
In today's web-oriented world where web browsers are released and updated one after another, users tend to leap at their novel features. Yet on the other hand, there are considerable number of users loyal to classic browsers. For those old browsers, even ones still within vender maintenance period, relatively 'minor' flaws are often left unfixed for a long time. Why is it so dangerous to continue using such old browsers? To find a specific answer to this question, we must dig out the issues which are currently buried deep under ignorance