By Elinor Mills
November 23, 2009
Microsoft on Monday said it is investigating a possible vulnerability in
Internet Explorer after exploit code that allegedly can be used to take
control of computers, if they visit a Web site hosting the code, was
posted to a security mailing list.
Microsoft confirmed that the exploit code affects IE 6 and IE 7, but not
IE 8, and it said it is "currently unaware of any attacks trying to use
the claimed vulnerability or of customer impact," according to a
The exploit code was published to the BugTraq mailing list on Friday
with no explanation.
"The exploit targets a vulnerability in the way Internet Explorer uses
Cascading Style Sheet (CSS) information. CSS is used in many Web pages
to define the presentation of the sites' content," Symantec wrote in a
blog post this weekend.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News