Description:
Bug reports and security warnings have started to come to Microsoft just after it was released a second public beta of Internet Explorer 7 browser.
The company made public the application for testing purposes only and called on users to post questions or problems on a newsgroup.


The Bad:
“A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the handling of redirections for URLs with the ‘mhtml’ URL handler. This can be exploited to access documents served from another web site.”( Secunia)

This could be used in phishing attacks to read sensitive information from the IE browser.
Secunia does not consider the problem to be critical, but it was widely reported because its discovery came so soon after IE 7's launch.

The Good:
The bug that Secunia claimed to have discovered in Internet Explorer 7 just hours after it was released is not a browser bug after all, Microsoft said . The problem is in a component of Microsoft’s Outlook Express e-mail client, which can be triggered by the browser.”

"These reports are technically inaccurate," wrote Christopher Budd, a security program manager with Microsoft, in a blog posting. "The issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all."

Conclusion:
Internet Explorer 7 is a solid upgrade, but it's disappointing that after five years, the best Microsoft could do was to mostly catch up to smaller competitors.

written by Cristian L.