Yes insecure Internet Explorer 7.0, Microsoft announced a unique security leaks of the latest version of Internet Explorer. Leakage from Internet Explorer 7.0 is affecting the Windows XP operating system, Windows Server 2003, and Windows 2000 but does not affect Windows Vista, also does not affect Internet Explorer 6.0 or earlier.
In its security blog, Microsoft explains that this threat arises when Windows can not handle a URL address or URI perfectly. Internet Explorer 7 updates a Windows component, which modifies the interaction between Internet Explorer with the Windows Shell when handling a URL address or URI. Applications that pass the URI and URL are not validated to Windows can be used to exploit this weakness. An example is a link to an email message that can give access to the redirect code to run it as mhtml: “URI handler.
continue reading…