Network Computing is part of the Informa Tech Division of Informa PLC
First Flaw Found In IE 7 Hours After Browser's Launch
Just hours after Microsoft released the final version of Internet Explorer 7, a security intelligence company warned users of the new browser's first official bug.
Copenhagen-based Secunia said that IE 7 contains a "less critical" flaw that can be used by identity thieves and other criminals to snatch confidential information from a PC.
The bug is a cross-domain information-disclosure vulnerability, said Secunia, which went on to report that attackers using the flaw in a malicious Web site could hijack data entered on a separate site at which the user's logged on. In one scenario, the attacker would lure users to his nasty site, then hope one or more would also be logging in at, say, an online bank account at the same time. If they were, the attacker would be able to capture the account's username and password.
Although Microsoft has repeatedly trumpeted IE 7 as more secure than its predecessors, Secunia first warned of the bug in IE 6 in April.
Secunia's alert for the IE 7 vulnerability also includes a quick test that demonstrates the new browser's susceptibility to attack. Firefox 2.0 RC3, meanwhile, is not at risk to this bug or an attack based on exploiting it.
Recommended For You
What skills do network managers really need to properly secure industrial networks? What new protocols, frameworks, and regulations are important? And what conferences and certifications can help? Here are five tips to get started.
A full-stack approach to retail edge offers retailers a way to optimize operations and adapt to changes in a post-pandemic world.
Network management tool sprawl is getting in the way of network management. It’s time for IT to do something about it.