Thursday, October 19, 2006

First IE7 Security Flaw Found

A PC World article by Peter Sayer, via Yahoo! News, reports that:

Less than 24 hours after the launch of Internet Explorer 7, security researchers are poking holes in the new browser.

Danish security company Secunia reported today that IE7 contains an information disclosure vulnerability, the same one it reported in IE6 in April. The vulnerability affects the final version of IE7 running on Windows XP with Service Pack 2.

If a surfer uses IE7 to visit a maliciously crafted Web site, that site could exploit the security flaw to read information from a separate, secure site to which the surfer is logged in. That could enable an attacker to read banking details, or messages from a Web-mail account, said Thomas Kristensen, Secunia's chief technology officer.

More here.

0 Comments:

Post a Comment

<< Home