Microsoft finally stepped up work on a patch to address vulnerabilities in the way Internet Explorer 7 interacts with other programs. But with no fix available at press time, using IE 7 on Windows XP machines is risky business.
The problem lies in how IE 7 interacts, via its URI (uniform resource identifier) handler, with products such as Adobe's Acrobat Reader or Mozilla's Firefox. At first, Microsoft stonewalled, pointing a finger at Firefox; then, after acknowledging that the problem was its own, the company dragged its feet on a fix because no exploit existed. That changed when a PDF Trojan horse attack started making the rounds in October. Adobe patched Reader (see below), but that covers only one end of the worm hole.
Like patching a leaky old boat!
Microsoft Patch for 'URI Handler' Security Bug
Microsoft's December Patches Squash Security Bugs
Edited by Major Payne, 26 December 2007 - 06:41 PM.