The bug, which concerns the way IE processes Web pages using the createTextRange() method, is now being exploited by attackers on hundreds of malicious Web sites (see "Update: Microsoft tests fix for IE bug as exploits appear"). Users who might be tricked into visiting these Web sites could have unauthorized software installed on their computers, security experts warn.More details at Computer World.
Though Microsoft has described these attacks as "limited" in scope, the problem is being taken seriously by the software giant because the exploits can be used to seize control of a user's machine.
Microsoft to patch critical IE bug on April 11
Posted on Tuesday, Mar 28 2006 @ 17:18 CEST by Thomas De Maesschalck