Tuesday, February 28, 2006

Internet Explorer Iframe Folder Deletion Weakness

This bug has been confirmed by Secunia and was discovered by Cyber Flash.

The problem is that network shares can be included in an iframe where only certain parts of the content are visible to the user. This can be exploited, for example, to trick users into deleting local folders via an iframe referencing "\\127.0.0.1\c$\".

Successful exploitation requires that the user selects a folder icon, presses the delete key, and accepts a "Folder Delete" dialog.

The weakness has been confirmed on a fully patched

Suggested solution:
Do not accept suspicious "Folder Delete" dialogs when visiting untrusted web sites.

It is categorized as not critical.
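For filtering on the defensive side (a proxy, mail gateway or content review script), frames that point at a file share rather than a web resource can be flagged before the page reaches the user. The following is an added example, not code from Secunia or the original post; the label names, the `scan` and `classify` helpers and the sample markup are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# Elements that embed another resource, and the attribute naming it.
EMBED_ATTRS = {"iframe": "src", "frame": "src", "embed": "src", "object": "data"}
UNC = re.compile(r"^\\\\([^\\]+)\\([^\\]*)")          # \\host\share
LOOPBACK = re.compile(r"^(127(\.\d{1,3}){3}|localhost)$", re.I)

def classify(target):
    """Label a frame target; returns [] unless it is a file: URL or UNC path."""
    t = unquote(target.strip())                        # undo percent-encoding
    labels = []
    if t.lower().startswith("file:"):
        labels.append("file-url")
        t = t[5:]
    if labels or t.startswith("\\\\"):
        t = t.replace("/", "\\")                       # treat / and \ alike
    m = UNC.match(t)
    if m:
        host, share = m.groups()
        labels.append("unc")
        if LOOPBACK.match(host):
            labels.append("loopback")
        if share.endswith("$"):
            labels.append("admin-share")               # e.g. c$
    return labels

class FrameScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        value = dict(attrs).get(EMBED_ATTRS.get(tag, ""))
        labels = classify(value) if value else []
        if labels:
            self.findings.append((tag, value, labels))

def scan(html):
    scanner = FrameScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample page: two ordinary frames, then the advisory's target in two spellings.
SAMPLE = r'''
<iframe src="https://example.com/widget.html"></iframe>
<iframe src="//cdn.example.com/ad.html"></iframe>
<iframe src="\\127.0.0.1\c$\"></iframe>
<IFRAME SRC="file://127.0.0.1/c$/"></IFRAME>
'''
```

Calling `scan(SAMPLE)` returns only the last two frames; protocol-relative web URLs such as `//cdn.example.com/ad.html` are deliberately not treated as UNC paths.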
