IE7 Beta 2 Preview Open to DoS Attack

Security researcher Tom Ferris says he has discovered a security vulnerability in the Beta 2 Preview release of Internet Explorer 7. The bug lies in the urlmon.dll file and causes the browser to crash when it encounters a URL with the "file://" protocol followed by a long string of dashes.

Ferris previously discovered security flaws in Firefox, IE6 and QuickTime. He notes that arbitrary code could be executed on a machine running Microsoft's newest beta browser, but his proof-of-concept code simply crashes the application. The issue has been reported to Microsoft and Ferris says it is only of medium severity.

41 Responses to IE7 Beta 2 Preview Open to DoS Attack

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.