Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Vulnerability Discovered

Posted by ryuzaki0 on from the that-didn't-take-long dept.

slidersv writes "Not 24 hours after the release of IE7, Secunia reports Internet Explorer Arbitrary Content Disclosure Vulnerability. So much for the "you wanted it easier and more secure" slogan found on Microsoft's IE Website."

21 of 386 comments (clear)

  1. Old exploit by Iphtashu+Fitz · · Score: 4, Informative

    This exploit exists in IE6. It just means MS didn't fix it in IE7. It's not like it's a new exploit that was quickly discovered within the few hours after IE7 was released.

  2. Re:This is news??? by smooth+wombat · · Score: 3, Informative
    Next time a bug is found in FF, I'm going to contact the media and scream bloody murder.


    It's already been done and found to be a hoax.

    Anything else you want to complain about?

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  3. Let's be fair by Lars+T. · · Score: 5, Informative

    The same problem is known on IE 6 since April 2006

    --

    Lars T.

    To the guy who modded me down from perfect to terrible Karma - Apple haters still suck

    1. Re:Let's be fair by Overly+Critical+Guy · · Score: 3, Informative

      All right, here's just one result from Google: "fundamental rewrite"

      --
      "Sufferin' succotash."
  4. Come on by critter_hunter · · Score: 3, Informative

    It's a "Less critical" vulnerability - not really dangerous at all. Firefox still has equally important unpatched "vulnerabilities" - some of which date back to 2004. Retards.

    --
    Karma: Could be worse (could be raining)
    1. Re:Come on by truthsearch · · Score: 4, Informative

      This IE hole requires no user interaction. Unlike the firefox bugs he links to a simple web page can leverage this IE hole with no extra user input. And considering the URI exploited is used within email I'd imagine Outlook is susceptable, too. So the firefox vulnerabilities mentioned are much less likely to be exploited than this IE hole.

      --
      Developers: We can use your help.
  5. Re:two words by Anonymous Coward · · Score: 2, Informative

    you can't think of all that details when rushing for a first post

  6. IE7 maybe not vulnerable? by jrsp · · Score: 5, Informative

    IE7, freshly installed this morning, on XP SP2 reports not vulnerable. Perhaps it was already patched, or the exposure is more limited than the post implies...

    Not an MS fan, but truth and accuracy are always good.

    1. Re:IE7 maybe not vulnerable? by truthsearch · · Score: 3, Informative
      Secunia has confirmed the vulnerability on a fully patched system with Internet Explorer 7.0 and Microsoft Windows XP SP2. Other versions may also be affected.

      http://secunia.com/advisories/22477/
      --
      Developers: We can use your help.
  7. Re:Firefox by GuidoW · · Score: 4, Informative

    Excuse, but where did you read that FF has that exact same vulnerability?

    Also, even though FF does have issues, I believe you'll be hard pressed to find a vulnerability in FF that has been known for years and still gone unfixed. (According to heise on http://www.heise-security.co.uk/news/79745 this is actually an old bug that also affects IE 6)

    --
    If it's so secret, then how come I've never heard of it?
  8. Re:two words by OakDragon · · Score: 2, Informative

    Interesting... but I always think of this when I hear "ha ha."

    --
    Dark Reflection
  9. FireTroll or TrollFox... nope, just a good idea by h2g2bob · · Score: 2, Informative

    It's a little harsh to call that a troll.

    It's a serious point. You could make a lite version. Lots of people would give it a try, me included. And there have already been forks of Firefox, like IceWeasel and Tor Park.

    If it were talking about forking IE, it should be labeled "joke". As it's talking about Open Source stuff, it should be "insigtful".

  10. Re:two words by l_bratch · · Score: 4, Informative

    Not an issue - domains actually have a dot at the end, in the format, e.g.:

    blabla.tld.

    http://www.google.com/
    http://www.google.com./

    Both work.

  11. Brillant Link. by Bake · · Score: 3, Informative

    Took me all of 3 seconds Googleing for "brillant site:thedailywtf.com".

    Paula's Brillant Bean:

    http://thedailywtf.com/forums/40043/ShowPost.aspx

  12. Doesn't work on Vista by DigitlDud · · Score: 2, Informative

    The exploit fails running on IE7 in Vista with protected mode.

  13. Re:Memory leaks by bunratty · · Score: 2, Informative
    MS has neglected several areas, one being the whole JavaScript area where IE still leaks memory like a sieve.
    That's no problem. See, Microsoft wrote this real nice article explaining how we can change all the JavaScript code on the web to work around its leaks. Get to work web developers!
    --
    What a fool believes, he sees, no wise man has the power to reason away.
  14. Which version? by Greyzone · · Score: 2, Informative

    I just tested Firefox 1.5.0.7 and it is not vulnerable.

    So just what version are you discussing here?

  15. What about that IE7 registry key to block setup? by HalfOfOne · · Score: 2, Informative

    Anyone else notice that the registry key that was touted as preventing the IE7 upgrade doesn't do jack?

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0]
    "DoNotAllowIE70"=dword:00000001

    I had thought it would categorically deny even the downloaded setup file, not just setups that were (eventually) launched from inside WindowsUpdate.

  16. Re:Browsers are just too complex by zcat_NZ · · Score: 2, Informative

    Or perhaps we could have the best of both worlds; plain text markup which makes web design and debugging easier, and some way that the server and browser can agree to deliver the content in a compressed stream.

    Like this: http://www.websiteoptimization.com/speed/tweak/com press/

    --
    455fe10422ca29c4933f95052b792ab2
  17. Re:Its not true by julesh · · Score: 2, Informative

    That's not actually what they're doing. Try connecting to that address. Here's what you get:

    Trying 213.150.41.226...
    Connected to secunia.com.
    Escape character is '^]'.
    GET /ie_redir_test_1 HTTP/1.1
    Host: www.secunia.com
    Connection: close

    HTTP/1.1 302 Found
    Date: Thu, 19 Oct 2006 19:30:39 GMT
    Server: Apache
    location: http://secunia.com/ie_redir_test_1
    Connection: close
    Transfer-Encoding: chunked
    Content-Type: text/html

    0

    They're sending an HTTP redirect, and the browser's following it. It will then send the cookies for the redirected URL to the server, and the server will return data expecting it to go into its own security context. This does allow data stealing.

  18. Not an IE flaw, but an Outlook Express flaw by PNutts · · Score: 0, Informative

    See BetaNews for details: http://www.betanews.com/article/MS_IE7_Flaw_Really _in_Outlook_Express/1161290765

    MS: IE7 Flaw Really in Outlook Express
    By Nate Mook, BetaNews
    October 19, 2006, 4:46 PM
    Microsoft responded Thursday to reports of the first exploit affecting Internet Explorer 7, which cropped up less than 24 hours after the browser's official launch. Christopher Budd from Microsoft's Security Response Center says the flaw lies not in IE7, but in an Outlook Express component.

    This fact could explain why the problem first surfaced back in November 2003 and was found to affect IE6 last April. "While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express," Budd said. Microsoft notes it has received no reports of any attacks against customers, but is investigating the situation and may release a patch if necessary.