Secunia blamed Microsoft this week for a URI handling flaw that can be exploited when a user browses with Firefox but has Internet Explorer (IE) 7 installed.
Reports of the URI handling flaw, which Mozilla said Wednesday it is investigating and working to patch, follow a back-and-forth earlier this month between Mozilla and Microsoft over who was to blame for a URL handling flaw.
After patching the flaw in Firefox on July 17 – and urging Microsoft to do the same with Internet Explorer (IE) – Mozilla officials admitted that the URL handling flaw is primarily a Firefox issue.
Secunia’s advisory, issued on Thursday, calls the latest flaw a “Microsoft Windows URI handling command execution vulnerability,” which can be exploited for remote code execution.
Secunia, Microsoft, Mozilla, Firefox, IE7, Internet Explorer 7, URI, Flaw, Bug, Vulnerability