via Gizmodo UK


Oh dear, poor old Internet Explorer has been the victim of a few more high-profile attacks recently, and so soon after vulnerability flaws were addressed just last week.

Microsoft warned that consistent exploit code for the problem was likely to appear and this is circulating around via bogus Word documents that can install malware on unpatched computers.

At the moment all it seems to do is spam malicious document files but according to Bojan Zdrnja from the Sans Internet Storm Center, "There is absolutely nothing preventing attackers from using the exploit in a drive-by attack (and we can, unfortunately, expect that this will happen very soon)."

So the long and short of it is, if you haven't grabbed the patch already, do so now by running an auto-update or running it manually from the Microsoft Update site here.

Trend Micro is currently working on finding out more about the threat and to date has revealed that screenshots of the infected system are taken and sent to a malicious location, as well as opening an invisible IE window to connect to a website and listen for commands. More details from the link below.