Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Vulnerability Discovered

Posted by ryuzaki0 on from the that-didn't-take-long dept.

slidersv writes "Not 24 hours after the release of IE7, Secunia reports Internet Explorer Arbitrary Content Disclosure Vulnerability. So much for the "you wanted it easier and more secure" slogan found on Microsoft's IE Website."

10 of 386 comments (clear)

  1. Vista RC2 by jkl6648 · · Score: 2, Interesting

    I just ran the exploit test using IE7 under Vista RC2, and it came back and said that my browser "does not appear to be vulnerable to this particular exploit", so is this just a IE7 under XP issue?

  2. Re:Browsers are just too complex by truthsearch · · Score: 2, Interesting
    The vulnerability is caused due to an error in the handling of redirections for URLs with the "mhtml:" URI handler. This can be exploited to access documents served from another web site.


    The only reference I could find to an mhtml URI through google (which isn't a vulnerability report) is for HTML email. I've generated multi-part MIME email content and never once came across this type of URI. So if someone could elaborate on why this feature even exists it would be helpful.
    --
    Developers: We can use your help.
  3. Re:Firefox by Anonymous Coward · · Score: 5, Interesting

    Actually Firefox has a similar vulnerability, which has been unpatched for months (as a design decision - there is no way to patch it without breaking useful stuff).

    This is a new report of a old vulnerability which isn't serious. The fact that it's been released "not 24 hours" after IE 7 was released is, I would think, because someone decided to release it to coincide with the launch.

  4. Re:Browsers are just too complex by hey! · · Score: 4, Interesting

    Thats the root of the problem. I'd wager 90% of the functioanlity for browsers is only used by 5% of end users.

    I don't think this is the case, because for the most part users don't choose which broswer features they use; web sites do that for them.

    However, I think the web development model is far too complex, which both causes site developers to create security holes in their applications, and creates many places for security holes to exist in the browser itself.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  5. Re:Old exploit by abaddononion · · Score: 5, Interesting
    This exploit exists in IE6. It just means MS didn't fix it in IE7. It's not like it's a new exploit that was quickly discovered within the few hours after IE7 was released.

    To me, at least, that's kind of the point. I mean, this is an old old IE6 bug, that M$ has known about for a certainly reasonable amount of time. Yet, they still haven't fixed it. And not to say it's a big deal that they haven't fixed it in IE6 yet. It's not like it's a Critical Priority bug (no pirates can steal Windows or MP3s because of it). But they point is, they did their whole "We heard you" campaign, and claimed IE7 was going to be this great new secure landscape... and they didn't even clean up the old IE6 bugs they KNEW about? I mean, seriously, at this point are we supposed to believe that they're even trying?
  6. Re:Browsers are just too complex by aadvancedGIR · · Score: 2, Interesting

    If only it was only unused stuff, it wouldn't be that bad.
    I recently visited the website of a car manufacturer which was full of (I don't want to know which one) cool things to replace the HTML and no kidding (I used my watch), I had between 80 and 200s between the moment I pushed a button and the expected effect (and yes, I was under up-to-date XP/IE6 with a perfectly working 11Mb/s line and it was not at a moment they should be expecting much trafic). The site was of course really nice looking, but it could have been done with just a little JS and Flash.

    It gives me the impression that some web developpers just want to steal some money selling useless trendy stuff to their clients and then extort the fix (rollback).

  7. "Suprise, Suprise, Suprise" -- Gomer Pyle. by www.sorehands.com · · Score: 1, Interesting

    "Fool me once, shame on you. Fool me twice, shame on me." -- Scotty.

    "Insanity is defined as repeating the same behavior and expecting a different result."

    Micorosoft have been patching security for years. They now claim, "Security is job one." Do you believe it? Why would you? I would not trust IE unless it is rewritten from scratch. There is only so many patches you can do.

    I worked on CALANdar back in the 90s. The program started its life as a quick and dirty in/out notifier. Over the years, it turned into a groupware scheduling package. Ignoring my protestations regarding security risks, I was required to add OLE to the Windows version. There was comments from the original author that said "I know this case is F**Ked, but Dick wanted it done now, I will fix it later." That code was there 4 years after the original author left. When you add onto an unstable base, you do not make code more stable.

    --
    Fight Spammers!
  8. Re:Firefox by towsonu2003 · · Score: 2, Interesting

    and your reference is? (link to the bug report)

  9. Using Vista RC1 by Utopia · · Score: 4, Interesting

    The Secunia test says I am not vulnerable with Vista RC1

    Vista RC1 was released almost a month ago.
    So I am surprised this new XP IE7 build still exibits this issue.

    Looking at the source, I suspect this is not a IE issue at all, instead this is a MSXML issue.
    Vista has anewer version of MSXML.
    XP IE7 seems to be using the older version.

  10. Re:Old exploit by Anonymous Coward · · Score: 1, Interesting

    This is not a browser bug. The browser is just being used as an attack vector. The exploit bug is in Outlook Express:

    http://blogs.msdn.com/ie/archive/2006/10/19/an-ie7 -security-vulnerability.aspx
    http://blogs.technet.com/msrc/archive/2006/10/19/i nformation-on-reports-of-ie-7-vulnerability.aspx