Many popular browsers are affected by a vulnerability that makes it easy to spoof the content of websites, security firm Secunia warns. Features built into browsers makes it possible for malicious websites to change the content of pop-up windows created by trusted websites such as online banks. Users would have no inkling that potentially hostile content has been injected into a pop-up window. Secunia has confirmed the vulnerability on fully patched versions of Internet Explorer 6.0 and Windows XP SP1 and SP2 (advisory here), Mozilla 1.7.3, Mozilla Firefox 1.0, Netscape 7.2, Apple’s Safari 1.2.4, Opera 7.54, and KDE’s Konqueror 3.2.2-6. Secunia describes the vulnerabilities as “moderately critical”. It advises users not to browse untrusted sites while browsing trusted sites. [via The Register]