Microsoft late Tuesday updated its security advisory to confirm it was aware of a zero-day exploit and a drive-by malware attack targeting the unpatched vulnerability.More info over here.
Alex Eckelberry, president of anti-spyware vendor Sunbelt Software, said his company first detected the drive-by downloads earlier this week and reported its findings to Microsoft.
"This is a pretty nasty exploit. You just have to visit the [malicious] site and your computer gets hosed. It's dropping a Trojan downloader that takes control of the victim's machine," Eckelberry said in an interview.
Microsoft preparing fix for critical IE flaw
Posted on Saturday, Dec 03 2005 @ 01:07 CET by Thomas De Maesschalck