Internet Explorer flaw lets mouse movement be tracked
The claims have been made by Doug de Jager, CEO of UK-based analytics firm Spider.io, who has detailed the exploit and how it works in a blog post.
De Jager says the flaw makes it possible for a user’s mouse cursor to be tracked “anywhere on the screen – even if the Internet Explorer window is minimised”.
He says that third parties can get access to mouse movement data simply by buying a display ad slot on any webpage. “As long as the page with the exploitative advertiser’s ad stays open – even if you push the page to a background tab or, indeed, even if you minimise Internet Explorer – your mouse cursor can be tracked across your entire display.
“The vulnerability is already being exploited by at least two display ad analytics companies across billions of webpage impressions each month,” de Jager says.
The flaw was reported to Microsoft on 1 October but continues to effect Internet Explorer versions 6–10.
A spokesman for the company told The Guardian: “We are currently investigating this issue, but to date there are no reports of active exploits or customers that have been adversely affected.”
We hope you enjoyed this article.
Research Live is published by MRS.
The Market Research Society (MRS) exists to promote and protect the research sector, showcasing how research delivers impact for businesses and government.
Members of MRS enjoy many benefits including tailoured policy guidance, discounts on training and conferences, and access to member-only content.
For example, there's an archive of winning case studies from over a decade of MRS Awards.
Find out more about the benefits of joining MRS here.
0 Comments