recent security alert
I have a question regarding the recent alert regarding security that has hit the news.
Microsoft Security Advisory (2501696) Vulnerability in MHTML Could Allow Information Disclosure
I know that there is an enable fix and disable fix on the page for that particular error, but I am wondering if it is necessary for me? I am asking because from what I can tell it is affected via Internet Explorer, but I am running IE9 beta, which applies a similar sandboxing method to that of Google Chrome, which I predominantly use anyway.
Anyone more learned than I, please chime in and let me know.
Thanks
February 1st, 2011 8:27pm
According to the Security Advisory the vulnerability is present in Windows itself, not just the browser. Since MHTML is little used, applying the Fixit should not cause any serious side effects. Key word being should -
Microsoft Security Advisory (2501696)
Vulnerability in MHTML Could Allow Information Disclosure
"The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a Web request run in the context of the victim's Internet Explorer."
There's nothing posted on the Advisory that states IE9 is not subject to the vulnerability; it just lists the Supported editions of Windows.
As does this article on Secunia -
Secunia Advisory SA43093 - Microsoft Windows MHTML Cross-Site Scripting Vulnerability
And, Secunia classifies the vuln as 'Less critical', FWIW.
The sky is not falling ... yet <w>
MowGreen
Windows Expert IT Pro - Consumer Security
*-343-* FDNY
NEVER FORGOTTEN
February 2nd, 2011 6:43pm