main
Report a problem

Attackers take aim at IE7 flaw

Daniel Fleshbourne   on 29 October 2007 - 13:06 · 3 comments & 4150 views

Advertisement (Why?)
Microsoft is warning users to avoid suspicious websites and emails after attacks were reported on an unpatched flaw in Internet Explorer 7. The company would not provide exact figures, but said that a "limited number " of attacks had been reported. The attacks target a vulnerability in IE7's handling of the uniform resource indicator (URI) commands used by browsers to launch third-party applications.

Microsoft disclosed the vulnerability on 10 October, explaining that it arises when the browser fails to check malformed URI instructions in Windows XP and Server 2003. Windows Vista is not believed to be vulnerable. Security firm Secunia rated the vulnerability as 'highly critical', the fourth of its five severity levels

View: The full story @ vnunet

Post a comment · Send to friend Comments · There are 3 additional comments
(2 replies) #1 MioTheGreat on 29 Oct 2007 - 14:18
"Windows Vista is not believed to be vulnerable."

I assume Protected Mode is to thank?
#1.1 Gibwar on 29 Oct 2007 - 15:42
Quote - (MioTheGreat said @ #1)
"Windows Vista is not believed to be vulnerable."

I assume Protected Mode is to thank?

More than likely. I am assuming it'll pop up that nice orange/yellow box saying "This website is trying to load the program "xxx" would you like to allow this?" I know I've said no quite a few times. For some reason, the Juniper.Net Web based VPN client runs regedit when logging out... I've never let this happen.

I love protected mode!
#1.2 carl0ski on 30 Oct 2007 - 03:02
most likely due to poor compatibility with windows XP and 2k3 applications
including malware.


Windows X64 has the same short fall

the exploit doesnt work correctly since the app it attempts to deploy is optimised for Windows XP/2k3 32bit.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)