Security 10816 Published by

Thanks to MooSoft for this one:



There is a very bad IE exploit being abused right now. Thousands of websites have been compromised and many emails are being spammed to trick people into going to them. Until this is patched you should be very careful about clicking links.

More info is available from Microsoft here:
http://www.microsoft.com/technet/security/advisory/925568.mspx

A partial quote:

Microsoft has confirmed new public reports of a vulnerability in the Microsoft Windows implementation of Vector Markup Language (VML) Microsoft is also aware of the public release of detailed exploit code that could be used to exploit this vulnerability. Based on our investigation, this exploit code could allow an attacker to execute arbitrary code on the user's system. Microsoft is aware that this vulnerability is being actively exploited.

A security update to address this vulnerability is now being finalized through testing to ensure quality and application compatibility Microsoft’s goal is to release the update on Tuesday, October 10, 2006, or sooner depending on customer needs....