IE 7 bug reopens debate over patch responsibilities
Security researchers are again arguing over who is responsible -- Microsoft or third-party developers -- for protocol-handling bugs after a researcher said late last week that Internet Explorer 7 can be used to trick users into launching malware.
Posting to the Full Disclosure mailing list, Juergen Schmidt, a researcher at Heise Security, blamed IE 7 for passing invalid Uniform Resource Identifiers (URI) to Windows XP.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.