Microsoft Internet Explorer 7 plays catch up, sees first exploit less than 24 hours after release

“Microsoft has made Internet Explorer 7 (IE 7) available to the general public,” BBC News reports. “The new version is the first upgrade to the web browsing program for more than five years.”

“New features include tabbed browsing, the ability to search the net directly and an anti-fraud system to thwart phishing attacks,” The Beeb reports. “The new program is available as a free download on 19 October, but many will get it as an automatic update to Windows XP in November.”

Microsoft’s Internet Explorer 7 is “seen as an attempt by Microsoft to catch up with rival browsers as it includes features that have long been seen in competitors such as Firefox and Opera,” The Beeb reports.

MacDailyNews Note: And Apple’s Safari which, of course, The Beeb ignores.

The Beeb continues, “With the new version, it is possible to open up tabs rather than windows for new webpages and subscribe to RSS feeds via the browser. One controversial new feature is the addition of a box that lets people search the net directly from the browser rather than through a dedicated webpage. This defaults to Microsoft’s own search engine, but in a last minute change the software company is letting users choose which search site this feature should call upon.”

“IE 7 will also be the default browser for the next version of Microsoft Windows, known as Vista, that is due to be launched in 2007,” The Beeb reports.

Full article here.

Les than 24 hours after release, a vulnerability has already been discovered in Microsoft Internet Explorer 7.x, “which can be exploited by malicious people to disclose potentially sensitive information,” Secunia reports. “The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.”

Secunia has confirmed the vulnerability on a fully patched system with Internet Explorer 7.0 and Microsoft Windows XP SP2 and says ther versions may also be affected.

Secunia advises users to “disable active scripting support.”

Secunia Advisory here.

44 Comments

  1. Less than 24 hours after release, a vulnerability has already been discovered in Microsoft Internet Explorer 7.x, “which can be exploited by malicious people to disclose potentially sensitive information,” Secunia reports. “The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.”

    Ah good, it’s inferior code as usual by Microsoft

    And to think I though it was going to get any better with them.

    Any bets when the next exploit is going to be announced?

    I say tomorrow.

  2. Gosh in 5 years this is all they can come up with? And the day its released it has an exploit. I cant wait to see what happens to vista on its release day. Headlines read 1000s of compters crash and become unusable due to exploit in windows vista.

    Makes you wonder who they have working for them. In 5 years they have updated windws xp once and tried and failed to come out with a new OS, thy have released 1 update to IE.

    Im proud to be a mac owner

  3. I am sorry, but this seems like a horrible double standard. If Safari had the same thing written about it, you would say “vulnerabilities are not exploits. where is the proof that this is actually affecting people?” Let’s get some standards together. Is a possible exploit the same as an exploit or not?

  4. I refuse to think that a company as big as Microsoft constantly cannot get it right.

    Software engineers at Microsoft are just as smart as Apple engineers…they probably went to the same schools. You learn the same stuff and take the same classes.

    I think its the huge computer security industry. If IE7 were nice and secure (which engineers know how to make), then where would Norton and McAfee get their money from?

    If you buy into Microsoft, you also buy into intentional security loopholes!

  5. I think maybe there Lazy at working out the Bugs in Redmond. Why can they make the OS and make IE7 Secure. I dont get it. I guess they dont do enough research before releasing final releases of products such as IE7. All they do is make the Os Beautiful with Aero and leave bugs behind. If they keep doing like this. They will start loosing Customers more. Some might switch to Linux or Macs. Since both are Secure without no viruses or Spyware or vulnerability. Bye

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.