One of the three Internet Explorer browser security
vulnerabilities reported last week could now be used by remote
attackers as a result of exploit code now circulating on the
internet.
The exploit code is said to give novice hackers an easy way to
use the "createTextRange ()" flaw in Internet Explorer that was
reported at the end of last week.
So far no exploit code has appeared on the internet for the two
other flaws in IE that were reported last week.
The rogue code could now be used by remote attackers to take
over users’ machines. The code can be used to attack users’
machines when they point their browsers at malicious websites
taking advantage of the vulnerability.
Microsoft is said to be working on a fix for the flaw, along
with patches for the other two reported bugs.
The next scheduled release date for Microsoft security patches
is 11 April, although the company may consider issuing an earlier
patch if there is evidence that the exploit code that is
circulating is a serious threat to users.
