Information on Reports of IE 7 Vulnerability


Hi, this is Christopher Budd.


 


We’ve gotten some questions here today about public reports claiming there’s a new vulnerability in Internet Explorer 7.  This is an issue that we have under investigation and so we have some technical information we can share about the issue.


 


These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express.


 


While we are aware that the issue has been publicly disclosed, we’re not aware of it being used in any attacks against customers.


                                                                           


We do have this under investigation and are monitoring the situation closely and we’ll take appropriate action to protect our customers once we’ve completed the investigation.


 


I hope that helps to clarify.


 


Christopher


 


*This posting is provided “AS IS” with no warranties, and confers no rights.*


Comments (10)

  1. Anonymous says:

    A new vulnerability has been posted here for IE 7 which has been released in the last day or so….

  2. Anonymous says:

    [Note: See Update 2.0 below.] Well, this didn’t take long. The Secunia security firm says it has found a flaw in Internet Explorers 6 and 7 that could allow disclosure of private information: A vulnerability has been discovered in Internet…

  3. Anonymous says:

    MS have commented on the following vulnerability: IE 7 Internet Explorer 7 "mhtml:" Redirection

  4. Anonymous says:

    From the Microsoft Security Response Center blog , "We’ve gotten some questions here today

  5. Anonymous says:

    The recently reported vulnerability in the just released IE7, is inaccurate says Microsoft. Instead of

  6. Anonymous says:

    IE 7 hit just the web and the first claims of a vulnerability appeared. It is actually true that there

  7. Anonymous says:

    Straight from the horses mouth, this vulnerability actually affects Outlook Express and not IE7.

  8. Anonymous says:

    Bereits kurz nach der Verffentlichung der entgltigen Version des neuen Microsoft Browsers meldet der Sicherheitsdienstleister Secunia unterInternet Explorer 7 "mhtml:" Redirection Information Disclosureschon eine Sicherheitslcke, durch die

  9. Anonymous says:

    1.- Navegadores nuevos con viejos problemas2.- Encuentran una vulnerabilidad de denegacion de servicio…