A new flaw has been discovered in Internet Explorer 7, this one relating to pop-ups. In succession to a flaw discovered last week that could result in spoofing the address of a pop-up window, the new flaw has no actual ability to harm or damage a system, but instead relies on duping people to lure them into submitting information:
Secunia rated the most recent flaw as "moderately critical" because viewing the content does not provide attackers access to a user's computer. But it can still prove harmful if a user enters sensitive information into the malicious pop-up window, such as credit card information, usernames or passwords, Kristensen noted.
Secunia reported on this vulnerability today, and even posted a test to check whether or not you are vulnerable. It only affects IE 7.0, and is easily to protect against if you browse safely.