IE 7 Security vulnerability
"A vulnerability has been discovered in Internet Explorer, which can be
exploited by malicious people to disclose potentially sensitive
information.
The vulnerability is caused due to an error in the handling of
redirections for URLs with the "mhtml:" URI handler. This can be
exploited to access documents served from another web site."
For more information
Secunia has constructed a
test
Secunia has confirmed the vulnerability on a fully patched system with
Internet Explorer 7.0 and Microsoft Windows XP SP2. Other versions may
also be affected.
However, Microsoft reports as a response of this vulnerability
"These reports are technically
inaccurate: the issue concerned in these reports is not in Internet
Explorer 7 (or any other version) at all. Rather, it is in a different
Windows component, specifically a component in Outlook Express. While
these reports use Internet Explorer as a vector the vulnerability
itself is in Outlook Express."
For More info about Microsoft Response
Digg It