First IE7 security vulnerability

Secunia, the Danish computer security company, discovered the first vulnerability in Internet Explorer 7. The flaw can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.

Internet Explorer 7.0 with a fully patched Windows XP SP2 systems are vulnerable and the advisory is currently unpatched. You shouldn’t worry too much though since Secunia rated the advisory as less critical. It is less critical because the attacker have to lure you to visit the malicious site.

For those who wants to be extra careful, you can disable active scripting support to avoid any problem.

Leave a Reply