Microsoft, the world largest software company, released the next generation of its Internet Explorer web-browser on Thursday, featuring upgraded features and increased flexibility. Soon thereafter, however, a security intelligence provider announced it had found a vulnerability.
An advisory from Secunia, says the gold version of Microsoft's new Internet Explorer 7 was shipped with an information disclosure flaw that could be used in spoofing attacks.
The vulnerability is caused by an error in the handling of redirections for URLs with the mhtml: URI handler type. This can be exploited to access documents served from another web site, Secunia warned.
Secunia first raised an alert for this vulnerability in April 2006, but it was never fixed in IE 6 and was largely ignored in IE 7.