Security experts warn against false sense of IE7 security

Microsoft browser is blood in the water for hackers.

New browser, new meat for hackers! That's the message security firms are starting to give out as users download and install the new Internet Explorer 7.

The new browser has a stack of new features that will help bring it back on par with Firefox, including tabbed windows, integrated search and RSS feed manager.

But while there are also new security features – clearer signposting of secure sites and a new badge system to alert you to phishing sites – the overall security of the product itself is now under severe scrutiny.

Already, less than 24 hours after launch, Danish security firm Secunia has issued a vulnerability warning of a URL redirection error that allows hackers to access documents served from other websites.

One source told vnunet.com that users will need to be vigilant about the software and install patches as quickly as possible.

"A new version of Internet Explorer is pretty much blood in the water for hackers, so getting new patches out is imperative," he said.

Stephan Glathe, CTO of system management supplier Enteo Software, warned: "Although companies can use the auto-update tools supplied with Microsoft programs, relying on users to activate them can be risky - most users will forget from time to time. This results in a patchwork of updates and fixes across the business, which makes it exceedingly difficult to keep track of what has been applied where."

Glathe added that recent research from McAfee shows that 45 percent of European companies do not prioritise which security patches are applied to their systems.

"Many companies also still rely on manual methods to apply these patches, which is both time consuming and inefficient. Unless a comprehensive distribution system is in place can speedily prioritise and implement distribution, whilst recording exactly which PCs have been patched, companies are still at risk."

Copyright ©v3.co.uk