Microsoft is investigating a recently reported flaw in its Internet Explorer browser, which reportedly allows remote attackers to execute malicious code on a user’s machine.
Security consultant Michal Zalewski warned that flaws in the way IE handled JPEG images could leave users’ IE browsers vulnerable to the remote execution of arbitrary code.
The vulnerability remains in the browser even if a user has installed Microsoft’s Service Pack 2 security package on machines running the XP operating system.
Microsoft recently patched another vulnerability in its browser as part of its monthly patching cycle, which also related to malicious images being used to take over a user’s machine.
More information on the latest reported bug can be found at: