Miles Associates LLC

This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer… The security update addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory, validates input parameters, and filters HTML attributes.

EEye recommends immediate installation of the patch.

via eEye Digital Security .

Microsoft is investigating reports of limited, targeted attacks against customers of Internet Explorer 6, using a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 is not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6, Internet Explorer 7 and Internet Explorer 8 on supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are vulnerable.

via Microsoft Security Advisory (979352): Vulnerability in Internet Explorer Could Allow Remote Code Execution.

“The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability.  This attack is especially deadly on older systems that are running XP and Internet Explorer 6.”

via FOXNews.com – Google Hack Leaked to Internet; Security Experts Urge Vigilance.