Monday, September 16, 2019
  • Home
  •             

Internet Explorer 7 – 24 hours and 1 vulnerability

October 19th, 2006 by Patrick S

Microsoft released their latest Internet Explorer yesterday with so called new security features and functionality.

Less than 24 hours have passed and there is already a vulnerability.

A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the “mhtml:” URI handler. This can be exploited to access documents served from another web site.

Test code is readily available and the threat is marked as less critical.

Source Neowin

Posted in Internet Explorer, MS News, Security | 3 Comments »


This entry was posted on Thursday, October 19th, 2006 at 6:20 am and is filed under Internet Explorer, MS News, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.


3 Responses

  1. dr.happy Says:

    One of the most interesting aspects of the IE vs. Firefox battle is the development of the ecosystem of extensions or add-ons. Right now firefox had a great advantage in this space but you can see microsoft trying to catch up.

    Microsoft has a interesting partner in Trailfire, a recommended download for IE7. See link:
    http://www.ieaddons.com/SearchResults.aspx?keywords=trailfire

    But this extension is also available for firefox. See link:
    https://addons.mozilla.org/firefox/3524/

    I think the ecosystem for firefox and IE will decide who wins this battle not bugs. What do you think?

  2. Sandi Says:

    Hi Patrick,

    I know some will say that the following is nit-picking, but the fact is…

    http://blogs.technet.com/msrc/archive/2006/10/19/information-on-reports-of-ie-7-vulnerability.aspx

    “These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express.”

    Also, the vulnerability is not reproducible on Windows Vista.

    The IE team also comments saying pretty much the same thing:
    http://blogs.msdn.com/ie/archive/2006/10/19/an-ie7-security-vulnerability.aspx

    This is something happens quite regularly, where a vulnerability is described as being an IE vulnerability when in fact it is not IE bits that are vulnerable but rather IE is being used as a jumping off point to access the vulnerable component. Some will say that exactly which component is the source of the vulnerability is beside the point, but I’d still like to see vulnerability reporters starting to be more accurate in their descriptions.

    Edit: There is a very interesting comment on the IE blog about the vulnerability as follows:

    “For those that don’t understand the actual issue at hand: Outlook installs a pseudo-protocol mhtml:, now when you do an XMLHttpRequest to a certain URL on your own domain, and that URL sends a redirect using this mhtml: pseudo-protocol the same-origin policy is not respected anymore.

    My personal opinion is that this vulnerability will be very hard to be utilized without some other existing vulnerability in the site in question which would give a hacker control over sourcecode on the server itself in which case this vulnerability just comes to naught.”

  3. Patrick S Says:

    Ahhh right you are then… Thanks…can i append this comment into my post?