Circumstantial evidence suggests Microsoft is referring to a post by security researcher Chris Evans, of Google, to a Full Disclosure mailing list on Friday, hours before MSRT's tweet.
"A nasty vulnerability exists in the latest Internet Explorer 8," Evans wrote. "I have been unsuccessful in persuading the vendor to issue a fix."
"The bug permits — for example — an arbitrary web site to force the victim to make tweets," he added.
Nasty bug found in Internet Explorer 8
Posted on Monday, September 06 2010 @ 20:00 CEST by Thomas De Maesschalck