Microsoft says last week's IE7 flaw is really a problem in Outlook Express

Company pinpoints bug to Outlook Express


23 October 2006 11:08 GMT / By Amber Maitland

Microsoft has shot back at a report from security firm Secunia claiming that it's analysts have found a flaw in Internet Explorer 7.

A member of the Microsoft Security Response Center, Christopher Budd, has posted a note on the Center's blog to say that the report is inaccurate, as the flaw is in Outlook Express, not IE7. “While these reports use Internet Explorer as a vector, the vulnerability itself is in Outlook Express”, he continues.

“While we are aware that the issue has been publicly disclosed, we're not aware of it being used in any attacks against customers. We do have this under investigation and are monitoring the situation closely, and we'll take appropriate action to protect our customers once we've completed the investigation.”

But a Secunia representative told Cnet News.com that, “Just because a vulnerability stems from an underlying component does not relieve IE or any other piece of software from responsibility when it provides a clear direct vector to the vulnerable component”.
Related
Full tags
Software, PC software, Browsers, Microsoft, Viruses And Malware, Internet Explorer

share print story pdf email story

Recommended articles

Search

Loading

Best iPad 2 apps

We detail the best iPad 2 and iPad apps in the app store Which iPad app should you download?

Windows 8

All the features and details of the new Microsoft operating system explained What's new in Windows 8?

iPad 3 rumours

What comes next? We look at the possible features, leaks, images, specs and more

Pocket-lint poll

Q. Will you be buying a PS Vita?

Vote YES Vote NO

» LAST TIME
When asked Will Samsung be making a mistake if the Galaxy S III isn't shown at Mobile World Congress in February? 51% said yes and 49% said no