News19,135 Articles
News spotlights:
Business | CES | Digital audio | Gadgets | Games | Green computing | Home entertainment | Internet & broadband | Laptops | Linux | Macs | PC Peripherals & components | PC security | PCs & laptops | Mobile phones | Digital photography & video | Software | Wi-Fi & networking
News by company:
AMD | Apple | BT | Dell | Google | HP | Intel | Microsoft | Nvidia | Sony
News by product:
Windows XP | Windows Vista | Windows 7 | Apple iPhone | BlackBerry | Apple iPad
October 26, 2006
Secunia claims second IE7 flaw
Microsoft admits browser security problem
Just one week after claiming that users of Microsoft's Internet Explorer 7.0 browser could be at risk to an online attack, Danish security vendor Secunia ApS is reporting a new bug in the browser.
The bug allows hackers to place a fake web address in one of the browser's pop-up Windows, and could be used to trick a victim into inadvertently downloading something from what appeared to be a trusted website. Secunia has described the flaw in an advisory, which can be found here.
Based on its initial investigation, Microsoft believes that there is "an issue", according to spokesman with the company's public relations agency.
While the full URL of the web page being displayed is present in the pop-up Window's address bar, the left part of this URL is not initially displayed, the spokesman said. That problem could allow an attacker to spoof a legitimate website, Secunia said.
Microsoft's confirmation may come as a relief to Secunia which reported another problem in IE7, just hours after the browser was released. Microsoft said that report was "technically inaccurate" because the flaw lay in a component of Microsoft's Outlook Express email client, which could be triggered by the browser.
Neither of the bugs is considered to be particularly critical. But coming so soon after IE7's launch, they are somewhat embarrassing to Microsoft, which has made much of its focus on delivering secure software.
Secunia was surprised that Microsoft called their first report erroneous, given that the flaw can be triggered only through the browser, said Thomas Kristensen, Secunia's chief technology officer. "From a technical point of view, Microsoft might be right, but from a user's point of view, or an administrator's point of view, it doesn't really matter. IE is the vector," he said. "It was probably unnecessary to go out and try to blame Outlook in that way."
Free whitepaper: Phishing for victims - Truth, myth and cybercrime
<<newer story | back to index | older story>>
Submit to:
Reddit
Subscribe to PC Advisor now and claim your FREE gift
Question of the day!
Does your smartphone replace your need for a laptop when on the move?
% of PC Advisor readers agree with you
Which parts of the desktop PC/laptop experience can't you get on your smartphone?
Follow the conversation at @SmartphoneFocus
web browsing, search facilities, voip, email, word processing everything RT @Graham_D_C
Mainly email but getting better at spreadsheets etc, RT @IDGdan
Recent reviews
- Malwarebytes' Anti-Malware Free review
- Kodak ESP 5250 review
- Fujitsu LifeBook T4410 review
- Kodak ESP 3250 review
- Lenovo ThinkCentre A70z review
- Microsoft SideWinder X4 review
- Sony BDP-S360 review
- Acer Liquid review
- LaCie Sound2 review
- ASUS U50Vg review
Latest reader comments
- Jeff2 Its my family and girlfriend who use them and i just cant see the point. Facebook this...
- Bizzo. How can you HATE them if you don't use them? Surely it makes no difference that they're...
- I hate Facebook and Social networking sites. I mean, whats the actual point ? everyone who i...
- I sure do not need 1,000 characters to say that FB pisses me off. No consultation, no "would you...
- Hi Dave, Yes! apple are only doing EXACTLY THE SAME as Microsoft have done for years & years....
Top news
- ComScore: 2009 social networking stats
- Bing boings but Google grows
- Microsoft, Google join MediaTek to boost emerging market sales
- Samsung & LG to show social networking phones
- Google adds Nexus One phone support
Latest blog entries
- Smartphone blogs: best apps, best phones, best freeware
- Smartphone focus: Twitter - will Apple, Google dislodge BlackBerry?
- Google plots instant translator for smartphone
- Free and friendly Windows security software? What's the catch?
- Google Books: time for a rethink?
Sponsored Content
-
Take the internet to new places with the Nokia N800
Communicate how you want to, where you want to with instant messaging, email and internet calling. View movies, browse the internet wirelessly and watch TV on the high-resolution screen and listen through high-quality stereo speakers with headphone jack.
Buy now
Latest technology news:
Sponsored links
-
New - BlackBerry Advisor
Get hands-on with our exclusive Virtual BlackBerry handset and check out the latest reviews of BlackBerry smartphones and software. -
Crucial Memory Upgrades
Go to Crucial.com and use either our Memory Advisor Tool or System Scanner to find a 100% compatible memory upgrade for your system, from the Best Memory Manufacturer of 2008! We offer free delivery, free technical support, and lifetime warranty. -
Award-winning Spyware Doctor with AntiVirus 2010
delivers powerful antivirus and antispyware protection using layered technologies to defend your PC. Download now for a free scan! Discover how our award-winning ThreatFire™ Behavioural Intelligence blocks new threats faster than traditional signature methods. -
PC Advisor Smartphone Focus
Latest news and resources on how smartphones are facilitating mobile and flexible working in the enterprise. Find out more and join the discussion here. -
Custom built PCs
Visit our website to see our full range of custom-built PCs. Customise any specification and have the order dispatched the next working day. A massive range of PCs - from £250 to £1,000-plus - and a full list of low-cost components are available. -
Free whitepaper
Legal risks of uncontrolled email and web use. -
Free whitepaper
Is social networking really bad for business? -
Free whitepaper
Phishing for victims: Truth, myth and cybercrime. -
Free whitepaper
Threat predictions, messaging security issues and trends for 2010. -
Free whitepaper
Email archiving: Top 10 myths and challenges. -
Free whitepaper
Managing email: Exploring common email management challenges (and how to overcome them).
About PC Advisor | Privacy policy | Media information | Site map | Contact | About IDG
All contents ©IDG 2010 | webmaster@pcadvisor.co.uk
Question of the day!
Does your smartphone replace your need for a laptop when on the move?