No flaw in IE7, says Microsoft
Security company Secunia is currently arguing with Microsoft over the existence of a vulnerability in the latest version of Internet Explorer. IE7 has only been in the public domain for just over a day.
Secunia yesterday reported that it had discovered a ‘less critical’ vulnerability in IE7. However, Microsoft has rejected the claims, saying that the flaw actually lies in a component of Outlook Express, its email client.
“The reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express,” Christopher Budd, a Microsoft spokesman said on the company’s security blog.
Full story: webuser.co.uk