IE flaw affects IE6, 7 and 8

By Justin Mann on June 30, 2008, 5:55 PM
A warning for a recently discovered flaw in Internet Explorer 6 and 7 is being issued. The flaw is related to iframes, which most of us encounter in the form of ads of various sorts, and how IE6/IE7 handles access restriction on them. The attack requires at least some user intervention, but appears to be exploitable just by visiting a maliciously crafted web page or opening an e-mail.

The flaw is new enough that Microsoft says they aren't aware of anyone being compromised by the attack, even though proof of concept code has apparently been around for over a month. Interestingly, even Microsoft's newest browser, IE 8 beta 1, which was made available earlier this year, is also vulnerable.

Microsoft is now in an interesting position. Once IE8 becomes final and people begin adopting it, they'll be left with a very substantial userbase that is composed of IE6, IE7 and IE8 users. It seems they will be stuck with supporting the older browsers, and maintaining three branches of IE at once can't be an easy chore, even for Microsoft.

User Comments: 1

Got something to say? Post a comment
supergirl260 said:
microsoft will support ie5.5 on windows 2000 untill 7/13/2010 for secuity updates onlyMicrosoft will support ie6 on windows xp until 4/8/2014 possibly latermicrosoft will support ie7 on vista (business only) untill 4/11/2017all dates are minimum and microsoft can extend support for longer if they choose
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.