Tailing last week, a vulnerability in Internet Explorer 6 SP1 was discovered. Luckily for IE users it seems that it was found by the good guys
first. This one is pretty nasty, allowing arbitrary code execution and remote control of a vulnerable PC. The reports are conflicting, however, as one states that only 2000/SP1 users are vulnerable, while another states that even fully patched XP SP2 clients are at risk. IE users beware, be careful where you browse and make sure you're always fully patched. No official word from MS soon but odds are a patch will come out during Septembers patch cycle.