The flaw in Internet Explorer 7 (IE 7), discovered today by Secunia, can be exploited by malicious users to disclose sensitive information, according to the vulnerability monitoring firm.
The flaw is caused by an error in redirection handling for URLs with the mhtml: URI handler, according to an advisory posted by Secunia today that calls the flaw "less critical."
Internet explorer was released earlier this week with the promise of increased protection from phishing attacks and other threats.
Microsoft announced in late July that it would push IE 7 for Windows XP as a high-priority security patch through Automatic Updates.
However, the company also said at the time that it would give users the choice not to install IE 7.
A malicious spoofed website was discovered this week that pretends to be from Microsoft but downloads trojans to innocent users' PCs.
Click here to email Frank Washkuch Jr.
Hours after release, Internet Explorer 7 flaw exposed
By Frank Washkuch on Oct 19, 2006 6:13PM