It didn’t take long for Microsoft’s new Internet Explorer 7 browser to come under security scrutiny.
Just a week after claiming that users of IE7 could be at risk of an online attack, security specialist Secunia claims to have found a new bug in the browser.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
The bug allows hackers to place a fake web address in one of the browser's pop-up windows to trick a victim into inadvertently downloading something from what appears to be a trusted website, according to Secunia.
While the full URL of the web page being displayed is present in the pop-up window's address bar, the left part of the URL is not initially displayed and could allow an attacker to spoof a legitimate website.
Neither of the IE7 bugs is considered to be critical, though they may be an embarrassment to Microsoft, which has made a strong point of its renewed security focus.
It’s inevitable that as soon as the browser was released, there would be a string of childishly overeager companies willing to point out its flaws. Microsoft should note the flaws, patch them and move on – to sort out Vista.