Patch/Configuration Management, Vulnerability Management

Hours after release, Internet Explorer 7 flaw exposed


Just hours after the latest version of Microsoft's Internet Explorer web browser was released, its first vulnerability was disclosed to the public.

The flaw in Internet Explorer 7 (IE 7), discovered today by Secunia, can be exploited by malicious users to disclose sensitive information, according to the vulnerability monitoring firm.

The flaw is caused by an error in redirection handling for URLs with the mhtml: URI handler, according to an advisory posted by Secunia today that calls the flaw "less critical."

Internet explorer was released earlier this week with the promise of increased protection from phishing attacks and other threats.

Microsoft announced in late July that it would push IE 7 for Windows XP as a high-priority security patch through Automatic Updates.

However, the company also said at the time that it would give users the choice not to install IE 7.

A malicious spoofed website was discovered this week that pretends to be from Microsoft but downloads trojans to innocent users' PCs.

Click here to email Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.