
I still need the reassurance of a familiar brand before it's a real story - Tony Maddox, CNN senior VP
SECUNIA REPORTED what it described as an "extremely critical" bug in Internet Explorer.
The firm said two vulnerabilities, in combination with other known problems, can allow people to gain access to your computer system from a remote location.
It said it has tested the bugs against a fully patched version of IE 6.0, which are a variant of the "ms-its:" local resource access vulnerability and another cross zone scripting error that allows remote users to execute files on local machines.
Secunia says the bugs are being actively exploited in the wild. One way to stop possible attacks is to disable active scripting support for all but trusted web sites, and to remove support for the "ms-its:" URL handler.
Secunia's bulletin is here, while there's a full description on the Full Disclosure web site. µ