IE 7 vulnerability LOL....

[pradipudhaya]

A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the "mhtml:" URI handler. This can be exploited to access documents served from another web site.

Source: *secunia.com/advisories/22477/

Take the vulnerability test here : *secunia.com/Internet_Explorer_Arbitrary_Content_Disclosure_Vulnerability_Test/

And the result haha ... lol
Your browser is vulnerable! The test retrieved content from news.google.com in the context of your browser.

This actually means that if you were logged into your bank account, any web site you are visiting would be able to retrieve confidential data from your bank. This could also be used to retrieve personal settings entered on sites like eBay or Paypal.

 

[[xubz]]

Hehehe.. And IE7 Final was Released Yesterday.. I Expect a Patch Soon

 

[pradipudhaya]

Hehehe.. And IE7 Final was Released Yesterday.. I Expect a Patch Soon

IE6 had the same vulnerability.....*secunia.com/advisories/19738/

 

[JGuru]

More vulnerabilities in IE are going to be discovered!!! For Hackers this is a very busy
time!!! Also Vista is going to be released soon. So it's a great treat is in the offing for Hackers!!

 

[aakash_mishra]

And more will be discovered soon.............

 

[rajat22]

Result (The result of the test will be displayed below)


Your browser is vulnerable! The test retrieved content from news.google.com in the context of your browser.

This actually means that if you were logged into your bank account, any web site you are visiting would be able to retrieve confidential data from your bank. This could also be used to retrieve personal settings entered on sites like eBay or Paypal.

That was the result and I did not visit news.google.com at all in last 14 days.
Is the test authentic????

 

[freakitude]

hehehe...more soon..

 

[chesss]

OMG! This is an absolute SHOCK!! lol

 

[gxsaurav]

i wonder why didn't secunia told the IE 7 developers & beta team about this bug, if it was so old

 

[Rollercoaster]

opera is not affected

 

[hemant_mathur]

Just one of the many bugs to be found in the near future

 

[anandk]

IE is still used by the majority. lets face it. hackers will WANT to CREATE vulnerabilities. this can-n-mouse game will continue. whats imp is how fast ms keeps reacting. thats the price u have to pay to remain at the top !!!

 

[gary4gar]

its a cat-mouse game!
first discover a vulnerability & realse a patch for it which again hackers will break

 

[jeetu]

Well IE7 is a poor attempt to match opera and firefox by microsoft. As usual its filled will holes and bugs like other MS products.

 

[gxsaurav]

it's clearified by MS today, it's not a bug in IE 7 it's a bug in Outlook Express on Windows XP

*bink.nu/Article8571.bink

If secunia knew this bug from a long time, why didn't they told IE team during the beta phase, looks like they were just waiting for the right time, & now they are saying..."Look, we are the first one to report, we are better then all else". I mean, seriously, this is why beta phase is for, to submit bugs

 

[sabret00the]

M$ at its best