Ferris discovered the bug, which causes Internet Explorer to crash when it tries to read a specially crafted HTML file, using an automated security testing tool, called a "fuzzer," that he wrote to test Microsoft's browsers.More details at PC World. He claims this is a completely new vulnerability, which is only present in IE7 Beta 2.
"Whenever they patch, I normally run IE through the fuzzing iterations, just to see if there [is something new]," he says. Ferris posted his findings at 8:30 p.m. Pacific time on Tuesday, the same day IE Beta 2 was released, he says.
Researcher finds but in IE7 beta 2 after 15 minutes
Posted on Monday, Feb 06 2006 @ 01:35 CET by Thomas De Maesschalck