Microsoft says last week's IE7 flaw is really a problem in Outlook Express

Microsoft has shot back at a report from security firm Secunia claiming that it's analysts have found a flaw in Internet Explorer 7.

A member of the Microsoft Security Response Center, Christopher Budd, has posted a note on the Center's blog to say that the report is inaccurate, as the flaw is in Outlook Express, not IE7. “While these reports use Internet Explorer as a vector, the vulnerability itself is in Outlook Express”, he continues.

“While we are aware that the issue has been publicly disclosed, we're not aware of it being used in any attacks against customers. We do have this under investigation and are monitoring the situation closely, and we'll take appropriate action to protect our customers once we've completed the investigation.”

But a Secunia representative told Cnet News.com that, “Just because a vulnerability stems from an underlying component does not relieve IE or any other piece of software from responsibility when it provides a clear direct vector to the vulnerable component”.

• Via Cnet News.com - Blogs

• Comment on this story for your chance to win a TomTom XL Live IQ Routes Europe

Latest in Software

• NEWS Twitter to charge in Japan
• NEWS The low down: Best Software, Service, App 2009
• NEWS WEBSITE OF THE DAY - love the mo
• NEWS VIDEO OF THE DAY - Lego Matrix
• NEWS Virgin Media to monitor filesharers

Latest on Pocket-lint.com

• NEWS 10 perfect Christmas presents for...music geeks
• NEWS Disney planning first 3D subtitles
• NEWS Motorola Milestone exclusive to Expansys
• NEWS VIDEO: Aardman makes Nintendo DSi ad with Flipnote Studio
• NEWS Panasonic discontinuing Technics 1200 turntables?