New zero-day IE bug can give attackers control
Microsoft's Internet Explorer browser is vulnerable to an unpatched bug similar to one fixed last week, several security vendors said Thursday. Microsoft is investigating, the company confirmed in a security advisory.
As first reported by the French research firm FrSIRT, and then picked up by others vulnerability trackers, the bug in IE is due to a memory error caused when the browser instantiates the Msdds.dll object as an ActiveX control.
By Gregg Keizer at InformationWeek.
[ Read more ]