![](images/thomasavatarsmall.jpg)
Posted on Friday, March 24 2006 @ 22:55 CET by Thomas De Maesschalck
Microsoft yesterday confirmed the existence of an highly critical Internet Explorer security flaw and says it will release a pre-patch advisory with workarounds.
Secunia said in an alert that the vulnerability is due to an error in the processing of the "createTextRange()" method call applied on a radio button control.
"This can be exploited by a malicious Web site to corrupt memory in a way that allows the program flow to be redirected to the heap," Secunia said in the alert, warning that successful exploitation allows execution of arbitrary code whenever the target visits the rigged Web site.
More info at
PC Mag