IE7 is already vulnerable

By | October 19, 2006

Microsoft has just released the final version of IE7 for Windows XP and security research firm Secunia has already found a security vulnerability in newly unleashed IE7.

According to Secunia, the vulnerability can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.

Secunia has constructed a test, which is available online here

Leave a Reply