Multi-version IE exploit announced

By Justin Mann on
It's an exciting day for IE users for sure, with the long-anticipated release of IE finally upon us. The fanfare roar is almost masking a bit of bad news concerning the release. While not exclusive to IE7, Secunia and others have made public a new IE vulnerability. This is not a very serious vulnerability in that it can render your system compromised, but it can result in someone accidentally releasing information they don't want to:

The vulnerability is caused due to an error in the handling of redirections for URLs with the "mhtml:" URI handler. This can be exploited to access documents served from another web site.
It affects currently updated machines, and affects both IE6 and IE7, even if you are fully up to date. Disabling active scripting renders you immune, but safe browsing habits will also help.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.