IE7 Immune to VML Exploit
In testing on a couple different blogs, IE7 has proven to be immune to the vml exploit currently making the rounds. Ed Bott says Vista passes one security test,
Now, it’s important to note that the developers of IE7 clearly had no idea that this vulnerability existed in IE6. But their development process managed to block this particular exploit right out of the box, and the additional layers of security provided important clues that this page was potentially dangerous.
Sandi Hardmeier at Spyware Sucks says Important – IE VML Vulnerability – IE7 is immune and as a matter of fact says it has been immune to almost all the other vulnerabilities that have come out since its realease.
And the IE team says, “…With the exception of a very short list of issues we’re aware of and working on, we think the product is done…. Depending on your feedback, we may post another release candidate. We?re still on track to ship the final IE7 release in the 4th calendar quarter.”
Sounds like this may be as good of a time as any to read the release notes and upgrade to IE7, but be warned, there are still some software issues with other programs.