Skip to comments.First security flaw signaled in IE7
Posted on 10/19/2006 12:39:54 PM PDT by Panerai
Less than 24 hours after the launch of Internet Explorer 7, security researchers are poking holes in the new browser.
Danish security company Secunia ApS reported Thursday that IE7 contains an information disclosure vulnerability, the same one it reported in IE6 in April. The vulnerability affects the final version of IE7 running on Windows XP with Service Pack 2.
If a surfer uses IE7 to visit a maliciously crafted Web site, that site could exploit the security flaw to read information from a separate, secure site to which the surfer is logged in. That could enable an attacker to read banking details, or messages from a Web-mail account, said Thomas Kristensen, Secunias chief technology officer.
A phishing attack would be a good place to exploit this, he said.
One of the security features Microsoft Corp. touts for the new browser is the protection it offers users from phishing attacks.
Secunia rates the security flaw as less critical, its second-lowest rating, and suggests disabling active scripting support to protect the computer. The flaw could result in the exposure of sensitive information and can be exploited by a remote system, Secunia said in a security advisory posted on its Web site.
(Excerpt) Read more at macworld.com ...
It would be faster and cheaper for Microsoft to offer hackers $5,000 for every security hole found during beta testing. It would be the next best thing to having an open source process.
LOL, found that on "Macworld" did ya?
Oh crap...and I just downloaded IE 7 am and using it now
instead of my usual Firefox.
Still, I don't seem to be running into any probl< FATAL ERROR DATA LOST ALERT WARNING WARNING WARNING >
Luckily we have [our dependable team member] Pigpen in charge of testing our apps on IE7.
I dislike Microsoft, and their products, and only use them when I have to. But geez, calling this a flaw in IE7 is simply innaccurate.
I installed this IE7 this afternoon and it kept giving me memory faults and wanted to send errors to microsoft and would auto close... I uninstalled promptly...
Outlook Express is the devil!!!
More properly referred to as the "Tool of the Devil".
Ya got that right.
I'm proud to say that in 20 years of doing email continuously (VAX-Mail, Unix mail, CompuServe, Eudora, ELM, Netscape, Mozilla, and Thunderbird) I have never used Outlook Express.
I had to use full-up Outlook for about a year once because my company did a stint with an Exchange Server, and I thought I was gonna die. Lousy software, good lord. Features out the wazoo, but no quality or stability.
Give me solid stable software, over unstable glitzy crap, every time.
Actually I think of Outlook Express and IE5/6 as the "Typhoid Marys" of software.
I've been using IE 7 beta for a while now and I like it, escept that for some reason, some of my staock trading software sometimes crashes because of IE 7 according to the stock trading program.
I like the tab feature a lot. I don't use Outlook for mail.
And,...Mac people,..If you are running some new Intel Core Duo version of a Mac and are booted and running Windows (or Windoze as the Mac people like to call it) on the Mac, can it get a virus? Would just the Windows software get the virus or the entire machine? Is this the right question?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.