This is just mind-boggling to me. According to a piece on TechWeb, a vulnerability that was found (by the same Dutch security vendor Secunia) nearly TWO YEARS AGO in IE6 remains in IE7! It’s the one that could allow attackers to capture your data from what you think is your bank’s or other trusted site’s forms. It was news of this very vulnerability that I used frequently as an example of the sorts of security holes that IE had as I encouraged friends and consultees to switch to Firefox. The fact that it remains unfixed is just beyond the pale.
Read the TechWeb item here.