Microsoft has announced that a serious exploit in Microsoft’s Video ActiveX Control can allow hijackers complete access to a remote system.
The zero day exploit affects Internet Explorer 6 and 7 users when they visit an infected web site if they are using either Windows XP or Windows 2003.
Windows Vista, Windows 7 and Internet Explorer 8 users are safe for now. No patch is currently available but Microsoft has posted a workaround for the exploit.
A patch is in the works, but no details on when it will be released have been announced.
Links: