The Ethical Hacker Network

Latest Additions

Who's Online

EH-Net > Ethical Hacking Discussions and Related Certifications > Other (Moderator: don) > IE7 Released

Pages: [1] Go Down

	Author	Topic: IE7 Released (Read 5244 times)
0 Members and 1 Guest are viewing this topic.

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

IE7 Released

« on: October 19, 2006, 06:11:34 PM »

Will it knock out Firefox like the previous version did to Netscape? Let the debate begin?

http://www.microsoft.com/windows/ie/default.mspx?mg_ID=10010

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

skel

Jr. Member

Offline

Posts: 60

"Beam me up Scotty - Only hackers here"

Re: IE7 Released

« Reply #1 on: October 19, 2006, 11:02:03 PM »

Quote

Microsoft's spanking-new Internet Explorer 7 browser has failed already failed a security test.

According to an advisory from Secunia, the gold version of IE 7 was shipped with an information disclosure flaw that could be used in spoofing attacks. The vulnerability is due to an error in the handling of redirections for URLs with the "mhtml:" URI handler.

"This can be exploited to access documents served from another web site," Secunia warned.

http://blog.eweek.com/blogs/eweek/archive/2006/10/19/14079.aspx

The cat mouse game has already begun .................


	Logged

Skel

oleDB

Recruiters
Full Member

Offline

Posts: 236

Re: IE7 Released

« Reply #2 on: October 20, 2006, 10:13:04 AM »

If you have auto updates but don't want IE 7 pushed to your machine you might consider this

http://www.microsoft.com/downloads/details.aspx?FamilyId=4516A6F7-5D44-482B-9DBD-869B4A90159C&displaylang=en


	Logged

Kev

Guest

Re: IE7 Released

« Reply #3 on: October 21, 2006, 10:39:49 AM »

IE7 is with out a doubt a big improvement. It seems about as fast as firefox and has a nice “feel” about it. However, I still think firefox wins by 2 points. Firefox has a vast amount of plugins available so you can really customize it to what you want. Also, IE7 being a Microsoft product will mean that 90% of the exploit efforts will go in that direction.


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4167

Editor-In-Chief

Re: IE7 Released

« Reply #4 on: October 21, 2006, 07:48:53 PM »

Microsoft fires back by saying that this is not an IE7 problem, but it is an Outlook Express issue. This came from Christopher Budd, security program manager for Microsoft, in a blog posting:

http://blogs.technet.com/msrc/archive/2006/10/19/information-on-reports-of-ie-7-vulnerability.aspx

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

skel

Jr. Member

Offline

Posts: 60

"Beam me up Scotty - Only hackers here"

Re: IE7 Released

« Reply #5 on: October 23, 2006, 05:30:52 AM »

Quote

If you have auto updates but don't want IE 7 pushed to your machine you might consider this http://www.microsoft.com/ ...........

Thanks for the link.

Very interesting situation. MS wants to validate ur windows before downloading the tool. Does this mean MS will push the ie7 update to pirated windows PCs too?. If MS is going to give IE7 only to genuine windows users, why do they need to validate widows to download the tool ?
Huh