Exploit found immediately after browser’s releasePeter Sayer
Less than 24 hours after the launch of Internet Explorer 7 (IE7), security researchers are poking holes in the new browser.
Danish security company Secunia ApS reported today that IE7 contains an information disclosure vulnerability, the same one it reported in IE6 in April. The vulnerability affects the final version of IE7 running on Windows XP with Service Pack 2.
Let the games begin. 😉
If a surfer uses IE7 to visit a maliciously crafted website, that site could exploit the security flaw to read information from a separate, secure site to which the surfer is logged in. That could enable an attacker to read banking details, or messages from a web-mail account, said Thomas Kristensen, Secunia’s chief technology officer.
“A phishing attack would be a good place to exploit this,” he said.
Oh I guess they already started. Its the same vulnerability from IE6!!!
Nice one Microsoft. This is gonna be fun…
All your IE7 are ours 😀