Xbox Live Gold price increase Nvidia Shield update Third stimulus check details Microsoft AI chatbot patent Bernie Sanders' mittens memes Returning stimulus money to the IRS Galaxy S21 review

First IE7 flaw in some doubt

First IE7 flaw in some doubt

Writing in today's Microsoft Security Response Center blog, Christopher Budd said that security vendor reports of a vulnerability existing within the newly released Internet Explorer 7 are false. The vulnerability exists, but within Outlook Express; Internet Explorer is merely the vector for exploitation. Sure enough, there's an April 2006 security alert #19738 from Secunia discussing pretty much the same flaw within IE6. It calls out Outlook Express as the culprit. Given that the vulnerability, whatever the cause, can result in the remote access of data, one has to wonder why Microsoft didn't patch this flaw six months ago.