Microsoft spars with security analysts over IE 7 bug
TechWeb | by Mike
Microsoft is reacting to a report that the just-released Internet Explorer 7 contains a bug by saying the flaw is actually in Outlook Express, the free e-mail program included with Windows 2000 and XP. The security company that issued the original alert, however, said that didn't matter: attackers could use IE 7 to grab users' data.
On Thursday, Danish vulnerability tracker Secunia warned that IE 7, which Microsoft unveiled in final form the night before, included a cross-domain information-disclosure vulnerability. The bug, said Secunia, was in the MHTML: URI handler and could be used by a malicious site to hijack data entered on a separate site at which the user was already surfing. The vulnerability, said experts, might be used by identity thieves to rip off bank and credit card account usernames and passwords.