Vulnerability discovered in Microsoft's IE7

Security analysts are working overtime on Internet Explorer 7, released by Microsoft this week for download. Secunia, a Danish security firm, has already found a bug that could give hackers access to sensitive information.

The flaw theoretically allows hackers to steal user information as they type it in, like passwords and login details. However, in order for it to be exploited, the target has to have a window open to the malicious site from the hacker, and type login details in to another window.

Secunia has rated the flaw “less critical”. An advisory on the website says “The vulnerability is caused due to an error in the handline of redirections for URLs with the 'mhtml:' URI handler. This can be exploited to access documents served from another website”.

Secunia apprently found the same flaw in IE6, but it remains unpatched, so it would seem the Microsoft doesn't regard the bug as a serious threaten.

• Secunia - advisory
• Via The Age - website

• Comment on this story for your chance to win a TomTom XL Live IQ Routes Europe

Latest in Software

• NEWS Test out Google's prototype homepage
• NEWS VIDEO: Family Guy promos Windows 7
• NEWS WEBSITE OF THE DAY - Hamburger Blender
• NEWS eBay unveils BlackBerry auction app
• NEWS BT Openzone to be available in 4500 more hotel bedrooms

Latest on Pocket-lint.com

• NEWS Vodafone to give away mobile internet on free Friday
• NEWS PC World launches three new Advents
• NEWS Test out Google's prototype homepage
• NEWS HP iPAQ Glisten launches on AT&T
• NEWS VIDEO: Family Guy promos Windows 7