If you aren't looking to be surprised, then trust me, you won't be when you hear about a newly discovered exploit in Internet Explorer. As with dozens of other exploits found in the much-battered browser the past few years, this most recent one targets an as of yet unpatched IE flaw
we heard about not too long ago. It, of course, allows someone to completely control your machine. Luckily, it hasn't been used yet, that we know of. Microsoft
said they haven't yet received reports of infections or compromises happening due to the flaw, which affects IE 5.01 and 6. The article suggests that perhaps the released code for this was timed in such a fashion to happen right after Patch Tuesday, since often Microsoft is slowest to respond after that point:
In recent months, word of new attacks has repeatedly followed shortly after "Patch Tuesday." Some experts believe the timing of the new attack is no coincidence, suggesting that attackers look to take advantage of a full month before Microsoft is scheduled to release its next bunch of fixes.
Luckily for all other browsers, including those of you using the IE 7 Beta
, you aren't affected. Of course, many people are using IE 6, and some still using IE 5, which could put them at risk.