A zero-day exploit for IE has been published which means that computer users can be attacked simply by visiting a website. The attack allows a remote cracker to take complete control of a Windows system, a proof-of-concept exploit of which has been made available by Computer Terrorism.
The exploit works on fully patched Windows XP systems with default IE installations and could be good-night Vienna to anyone using the Microsoft browser.
Microsoft has confirmed that systems running Windows 2000 SP4 and Windows XP SP2 are at risk, but claims that Windows Server 2003 and Windows Server 2003 SP1 systems are safe. The problem does not extend to Firefox or other browsers.