A vulnerabillity already found on IE 7.0 beta release. The vulnerability causes the IE to crash.
Update(JJ, 02 February 2006 16:12:19)
Read IE7’s blog here: http://blogs.msdn.com/ie/. They have tons of comments on the IE7 release, as well as the security bugs found in IE7 beta
This bug had already been found during our code review and analysis that is a mandatory part of our development process; it was scheduled to be fixed before our next public release. We do not believe this bug is easily exploitable, and as an extra defense, the /GS flag also catches the overrun. This is a compiler flag that tells Windows to watch for some classes of buffer overflows. If Windows sees a problem, it kills the application, in this case IE, instead of running the exploit code. While this is certainly not our primary line of protection, it does offer defense-in-depth to help keep our customers secure.
