For the second time this week, a flaw has been discovered
in Internet Explorer 6 (running on 98, XP and 2003 Server). This one is quite a bit more serious than the previous, and if exploited could result in total system compromise. The problem arose from how IE6 parses .HTA files, which are used in web-based applications (commonly used for ASP and many other functions). Microsoft requested that the details of the exploit be kept under wraps until a fixed has been released, and the discoverer of the exploit agreed. Microsoft hasn't stated yet whether a patch will be issued through the standard patch cycle or as a security advisory.