Some security researchers have already a week ago discovered an information disclosure vulnerability in IE7 hours after its official release.
The flaw is caused by an error in the handling of redirections for URLs with the "mhtml:" URI handler. Actually, this flaw was observed by Secunia in earlier version of IE6 and Outlook Express but still remains unresolved. It is said that this flaw can be exploited by malicious people to disclose potentially sensitive information.
Secunia has constructed a test, which is available at:http://secunia.com/Internet_Explorer_Arbitrary_Content_Disclosure_Vulnerability_Test/
The curent solution available to this is to disable active scripting support.
Technorati Tags: IE 7, first Flaw, Outlook, mhtml: