Exploit Posted for New IE Zero-Day
Ryan Naraine writes on eWeek:
Security researchers in China have published detailed exploit code for a new zero-day vulnerability in Microsoft's dominant Internet Explorer browser.More here.
The exploit, which was posted to XSec.org and Milw0rm.com Web sites, could be easily modified to launch code execution attacks without any user action on fully patched Windows machines.
Officials in the MSRC (Microsoft Security Response Center) could not be reached to respond to the latest warning, which adds to a list of known high-risk vulnerabilities that remain unpatched.