Multiple Browsers Window Injection Vulnerability

Michael Schwarz on Thursday, December 9, 2004

Secunia Research has reported a vulnerability, which affects most browsers. The vulnerability can be exploited by a malicious web site to "hi-jack" a named browser window, regardless of which web site is the true "owner" of the window.

You can find a test on their website: [1]

My question is now: How can we protect our websites for this vulnerability? Ok, we can wait until a bugfix will be available for all browsers. Should we test every second if the opened window is from the same location as we started?