Recently submitted to the Internet Explorer 7 discovered a vulnerability which hackers can theoretically be used to obtain unauthorized access to confidential data, such as passwords and login victim.

According to the Danish company Secunia, to carry out attacks attacker must compel the user to visit a specially created web page. If the browser is open to another site, an attacker can gain access to information contained on it. Attends the gap completely krpar computers using Windows XP and a second service pack.

Thomas Christensen, an expert company Secunia, said that the issue in question was identified in the summer of 2004 in Internet Explorer 6. Specialists on security then informed Microsoft of the vulnerability, and advised the corporation to deactivate the option "Navigate sub-frames across different domains" (transition between frames across different domains). The seventh version of Internet Explorer, this option is turned off by default, but the problem is, it seems, are not solved.

The company Secunia described the hole moderately critical. Information about the vulnerability has been directed at Microsoft, but the patch does not exist yet. Users are advised not to visit questionable sites on the Internet or install an alternative browser, such as Firefox or Opera.

Meanwhile, not so long ago in Internet Explorer 7 has identified another error, which theoretically allows falsification site addresses. This hole can be used for the purpose gotten steal confidential information about users of the Internet. Patch for the vulnerability does not exist yet.