DoS Flaw Flagged in IE7 Beta 2

Found on eWEEK on Thursday, 02 February 2006

An independent security researcher has pinpointed a denial-of-service flaw in Microsoft's brand new Internet Explorer 7 Beta 2 Preview just moments after installing the security-centric browser makeover.

Tom Ferris said could hardly believe his eyes when the new browser crashed less than 15 minutes after he started using a homemade fuzz testing tool to poke around for potential security issues.

"I've confirmed a denial-of-service at this point, but I'm sure someone malicious could research this some more to control memory at some point to cause code execution," Ferris said in an interview with eWEEK.

The Redmond, Wash. software maker typically downplays a denial-of-service browser bug that fixes itself when the browser is restarted, but Ferris said it's dangerous to assume the risk cannot be escalated with additional research.

Looks like nothing changed.

Browse all articles« Previous « » Next »