We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,100 News Articles

Microsoft rebuts IE7 bug claim

Browser is safe, Outlook Express isn't

A flaw that research firm Secunia ApS claimed to have discovered in IE7 (Internet Explorer 7.0) just hours after its unveiling is not a browser bug after all, Microsoft claims.

Instead, the problem lies in a component of Microsoft's Outlook Express email client, which can be triggered by the browser.

The flaw could be used in phishing attacks to read sensitive information from the IE browser, Secunia said. The Danish security firm first reported the problem with the IE6 browser in April and found that it could be reproduced on IE 7 as well.

Secunia does not consider the problem to be critical, but it was widely reported because its discovery came so soon after IE7's launch.

"These reports are technically inaccurate," wrote Christopher Budd, a security programme manager with Microsoft, in a blog posting. "The issue concerned in these reports is not in Internet Explorer 7.0 (or any other version) at all."

One security researcher said he was surprised that Microsoft had apparently not informed Secunia of the nature of this bug back in April, when it was first disclosed.

"They reported this in... April," said Secure Network SRL chief technology officer Stefano Zanero. "Microsoft should have investigated then and should have already reported the bug to be not in IE."


IDG UK Sites

Windows 9 release date, price, features: Microsoft teases new OS ahead of 30 September unveiling

IDG UK Sites

From the iPhone 6 to the iWatch and a new Apple TV we look at the products Apple is set to launch...

IDG UK Sites

September 2014 creative trends: 5 things you must see

IDG UK Sites

What to expect from Apple in autumn/winter 2014: iPhone 6, iPhone Air, iWatch, iPad 6, new Apple...