Symantec has warned Internet Explorer users of a new proof-of-concept exploit which has been posted on the BugTraq website.
The zero-day vulnerability in Internet Explorer affects both IE 6 and 7 on Windows XP and Vista. Symantec's Security Response Team warned that other versions of IE and Windows may also be affected.
The attack targets a vulnerability in the way IE uses Cascading Style Sheets (CSS) information. CSS is used in many web pages to define the presentation of the site's content, Symantec said.