Another day, another browser bug. Today Secunia reported that researcher Michael Zalewski had discovered a method spoofing vulnerability in Internet Explorer.

The browser has become the attack vector, it seems, ever since Metasploit creator H.D. Moore launched his “Month of Web Browser Bugs” project last July (which eventually kicked off a slew of similar projects attacking various computer applications and components).

While the particular bug announced today is only meant to spoof the address bar, the trend of web-borne malware is taking off.
Malware, according to Secure Computing’s Vice President of Technology Evangelism Paul Henry, has found a new home on the internet.

Vince Weafer, head of Symantec Security Response, told me a few days back of a growing concern over mom-and-pop websites being used to host malware.

Web security, including reputation-based URL filtering, is more important than ever before as thieves turn to the internet to launch their attacks.

What’s scary - the possibilities seem endless.