19 October 2006
IE7 already vulnerable - Please say this is a joke
Internet Explorer 7 has only been out a few hours and already Secunia has found a vulnerability in the code.
Apparently the vulnerability can allow the disclosure of potentially sensitive information and is the result of a handling error in the redirection of URLs with IE7's mhtml URI handler.
There is a test from secunia to see if your browser is actually effected by this vulnerability based on the Proof of Concept code created by codedreamer. From this site you can also sign up to be informed when a patch is made available to fix the vulnerability as well as a weekly newsletter informing people of newly discovered vulnerabilities.
This doesn't do very good to promote Microsoft's image of being very interested in security and quality. This is the first time I've ever heard of a piece of software being released and within hours already having vulnerabilities discovered especially with such a popular product. This is not a good sign of what is to come.
Apparently the vulnerability can allow the disclosure of potentially sensitive information and is the result of a handling error in the redirection of URLs with IE7's mhtml URI handler.
There is a test from secunia to see if your browser is actually effected by this vulnerability based on the Proof of Concept code created by codedreamer. From this site you can also sign up to be informed when a patch is made available to fix the vulnerability as well as a weekly newsletter informing people of newly discovered vulnerabilities.
This doesn't do very good to promote Microsoft's image of being very interested in security and quality. This is the first time I've ever heard of a piece of software being released and within hours already having vulnerabilities discovered especially with such a popular product. This is not a good sign of what is to come.
Labels: IE, microsoft, vulnerability
