Four new holes have been discovered in the Internet Explorer (IE) Web browser that could enable crackers to run malicious code on Windows systems, even if those systems have installed the latest software patches, security experts warned.
"Two of the vulnerabilities, first disclosed by someone using the name Rafel Igvi and posted to the NTBugtraq discussion list, allows attackers to... trick users into clicking on the bogus Web links using e-mail messages or by linking from other Web pages.... On Thursday, two more unpatched Internet Explorer holes also surfaced that are slight variations on the same themes. One is a spoofing vulnerability that works on IE, as well as the Mozilla and Safari browsers and allows attackers to fake the address displayed in the address bar. The other is a cross zone scripting hole that lets users load insecure Web pages as if they were trusted Web pages."
Moreover, the actual conceptual design of IE itself is under attack:
"In particular, Microsoft's implementation of "security zones" into which Web pages can be grouped is deeply flawed, as is code in IE for assessing what level of security to apply to a particular Web page URL. Fixing such problems will demand a wholesale reengineering of the often-used Web browser, something Microsoft plans to do in the next major release of Windows, code named "Longhorn."
More here.