Multi-version IE exploit announced

By Justin Mann on October 19, 2006, 11:58 AM
It's an exciting day for IE users for sure, with the long-anticipated release of IE finally upon us. The fanfare roar is almost masking a bit of bad news concerning the release. While not exclusive to IE7, Secunia and others have made public a new IE vulnerability. This is not a very serious vulnerability in that it can render your system compromised, but it can result in someone accidentally releasing information they don't want to:

The vulnerability is caused due to an error in the handling of redirections for URLs with the "mhtml:" URI handler. This can be exploited to access documents served from another web site.
It affects currently updated machines, and affects both IE6 and IE7, even if you are fully up to date. Disabling active scripting renders you immune, but safe browsing habits will also help.




User Comments: 1

Got something to say? Post a comment
wolfram said:
Perhaps I will stay with Firefox, and Firefox 2.0... No IE7 or IE6 for me...
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.