Microsoft says reports of browser flaw wrong
Microsoft Corp. is downplaying reports of a security flaw in its new web browser, saying the problem lies with another Windows program.
"These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express," Christopher Budd wrote on the Microsoft Security Response Center blog Thursday.
The Microsoft representative wrote that Internet Explorer can be used as a route to gain access to Outlook and that the company is investigating the issue.
Budd added that the world's largest software maker is not aware of any attempts to exploit the vulnerability.
On Thursday, Danish security company Secunia reported a vulnerability in Microsoft's new Internet Explorer 7 (IE7) web browser that could let an attacker gain access to documents over the internet.
No repair is yet available for the flaw, which Secunia rated as "less critical" — the second least serious on the company's five-point threat-rating scale.
Microsoft released IE7 late on Wednesday, touting its security features as a key element of its first major upgrade in years.