Zero-Day Exploit Hits Internet Explorer
Robert Vamosi writes on C|Net News:
One flaw not addressed in yesterday's Patch Tuesday is a heap overflow within the XML parser reported on Wednesday by Bojan Zdrnja of the SANS Internet Storm Center.More here.
The exploit in the wild on Wednesday creates an XML tag, then waits 6 seconds in an attempt to thwart antivirus engines. The exploit could then crash the browser and run malicious code when the browser is restarted. The user must be running Windows XP or Windows Server 2003, and using Internet Explorer 7.
Zdrnja writes that "at this point in time, it does not appear to be wildly used, but as the code is publicly available, we can expect that this will happen very soon."
A Microsoft representative said the company is "investigating new public claims of a possible vulnerability in Internet Explorer. Once we're done investigating, we will take appropriate action to help protect customers. This may include providing a security update through the monthly release process, an out-of-cycle update, or additional guidance to help customers protect themselves."
Note: See also "Zero-Day IE7 Flaw Being Actively Exploited". -ferg