IE 7 Fails Its First Security Test

It seems that Microsoft's brand-new Internet Explorer 7 browser, which was just released Oct. 18 for Windows XP, has already failed a security test.

An advisory from Secunia, released Oct. 19, says the gold version of IE 7 was shipped with an information disclosure flaw that could be used in spoofing attacks.

The vulnerability is caused by an error in the handling of redirections for URLs with the "mhtml:" URI handler. "This can be exploited to access documents served from another web site," Secunia warned.

Source: Microsoft Watch