Vulnerability found in IE7 already!

October 19, 2006

So, not even a full day in the wild for the full release of IE7 and there’s already a vulnerability found!

Secunia say the vulnerability can allow the disclosure of potentially sensitive information, such as bank details or login information. According to Secunia ‘The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site’.

The vulnerability exists in IE6 too, so you would have thought it would have been fixed before the new browser launched!

It’s only rated as ‘Less Critical’, level 2 of 5 on Secunias scale, but it’s really not good PR on launch day for Microsoft!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: