Top Stories

More Stories

Top Picture

Bruno Invades Australia!

Watch the video and see the pics straight from the red carpet and after party.

Just In

More Stories

The IE7 vulnerability that isn't.

1points Posted 1010 days, 11 hours ago by sandi
 

MS have commented on the following vulnerability:

IE 7 Internet Explorer 7 "mhtml:" Redirection Information Disclosure http://secunia.com/advisories/22477/

I know some will say that the following is nit-picking, but the fact is...

http://blogs.technet.com/msrc/archive/2006/10/19/information-on-reports-of-ie-7-vulnerability.aspx

"These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express."

Also, the vulnerability is not reproducible on Windows Vista.

The IE team also comments saying pretty much the same thing:

http://blogs.msdn.com/ie/archive/2006/10/19/an-ie7-security-vulnerability.aspx

This is something happens quite regularly, where a vulnerability is described as being an IE vulnerability when in fact it is not IE bits that are vulnerable but rather IE is being used as a jumping off point to access the vulnerable component.

You must be logged in to vote | Print | Email | Report
del.icio.us | Digg | StumbleUpon |

Comments

Leave a Comment

You must be logged in to post a comment.

Subscribe to the PerthNorg RSS feed
Advanced Search

Sunday, 5th July 2009

Weather
12°

Recent Comments

About PerthNorg

A norg is about people powered news. Anyone can join and contribute to the news as a Cit J. Add your comments, share your stories, post your pics, submit links to interesting stories, upload your YouTube clips and vote for the stories you feel are important. Join up now.