Microsoft issues fix for IE flaw that could allow PC hijack
Read it @
Microsoft issued a fix today for a zero-day vulnerability in older versions of Internet Explorer that could allow attackers to gain control of Windows-based computers to host malicious Web sites.
The company confirmed Saturday that it was investigating a remote code execution vulnerability in IE 6, IE 7, and IE 8 that could allow an attacker to use the corrupted PC to host a Web site designed to exploit the vulnerability with other users. Versions of the browser after IE 8 are unaffected, Microsoft said.