The bug allows hackers to place a fake Web address in one of the browser's pop-up Windows, and could be used to trick a victim into inadvertently downloading something from what appeared to be a trusted Web site One week after Secunia has reported first bug in new Internet Explorer 7, Danish security vendor is reporting a new bug in the browser.

Based on its initial investigation, Microsoft believes that there is "an issue," a spokesman with the company's public relations agency said in an e-mail.

While the full URL of the Web page being displayed is present in the pop-up Window's address bar, the left part of this URL is not initially displayed, the spokesman said.

That problem could allow an attacker to spoof a legitimate Web site, Secunia said.