It didn’t take long for Microsoft’s new Internet Explorer 7 browser to come under security scrutiny.
Just a week after claiming that users of IE7 could be at risk of an online attack, security specialist Secunia claims to have found a new bug in the browser.
The bug allows hackers to place a fake web address in one of the browser's pop-up windows to trick a victim into inadvertently downloading something from what appears to be a trusted website, according to Secunia.
While the full URL of the web page being displayed is present in the pop-up window's address bar, the left part of the URL is not initially displayed and could allow an attacker to spoof a legitimate website.
Neither of the IE7 bugs is considered to be critical, though they may be an embarrassment to Microsoft, which has made a strong point of its renewed security focus.
It’s inevitable that as soon as the browser was released, there would be a string of childishly overeager companies willing to point out its flaws. Microsoft should note the flaws, patch them and move on – to sort out Vista.