Browser Security News

In a test conducted by BetaNews on a fresh installation of the release version of Internet Explorer 7, on a "clean" environment set up within Virtual PC 2004, the browser failed the MHTML content retrieval test. The issue involves redirecting the Web browser to a local resource.

In examining the source code of Secunia’s page, we found that a JavaScript function first generates a resource location using pieces of strings, plus a randomly generated number as a throw-away parameter. The location points to a page that apparently triggers an HTTP 302 signal, purportedly that the site location has been rerouted.

The problem occurs when the browser — or some other component of the Web browsing process — takes the address of the rerouting for granted. With recent versions of IE, including IE7 in our test, the browser pulls up the alternate address regardless of what it contains. BetaNews | Address Redirection Cause of IE7 Issue