Microsoft suffers new browser threat

News Analysis

Microsoft suffers new browser threat

It didn’t take long for Microsoft’s new Internet Explorer 7 browser to come under security scrutiny.

Just a week after claiming that users of IE7 could be at risk of an online attack, security specialist Secunia claims to have found a new bug in the browser.

The bug allows hackers to place a fake web address in one of the browser's pop-up windows to trick a victim into inadvertently downloading something from what appears to be a trusted website, according to Secunia.

While the full URL of the web page being displayed is present in the pop-up window's address bar, the left part of the URL is not initially displayed and could allow an attacker to spoof a legitimate website.

Neither of the IE7 bugs is considered to be critical, though they may be an embarrassment to Microsoft, which has made a strong point of its renewed security focus.

It’s inevitable that as soon as the browser was released, there would be a string of childishly overeager companies willing to point out its flaws. Microsoft should note the flaws, patch them and move on – to sort out Vista.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy