MSMVPS.COM

The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.

Harry Waldron - Microsoft MVP Blog

Security News and Best Practices for corporate and home users

Microsoft Security Advisory 917077 for IE vulnerabilities

Microsoft issued an advisory last night in response to the new unpatched Internet Explorer vulnerability and proof-of-concept exploit developments. We should be careful with websites, keep AV protection updated, and watch for an upcoming patch or other solutions.

Microsoft Security Advisory (917077)
Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/917077.mspx

OVERVIEW

Microsoft has confirmed new public reports of a vulnerability in Microsoft Internet Explorer. Based on our investigation, this vulnerability could allow an attacker to execute arbitrary code on the user's system in the security context of the logged-on user. We have seen examples of proof of concept code but we are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.

WHAT CAUSES THE THREAT?

When Internet Explorer displays a Web page that contains certain unexpected method calls to HTML objects, system memory may be corrupted in such a way that an attacker could execute arbitrary code.  Specifically, the public postings discuss a potential behavior in Internet Explorer in the way that HTML objects may handle an unexpected createTextRange() method call to an HTML object. A Web page that is specially crafted to exploit this vulnerability will cause Internet Explorer to fail. As a result of this, system memory may be corrupted in such a way that an attacker could execute arbitrary code.

SUGGESTED ACTIONS & WORKAROUNDS

* Microsoft encourages users to exercise caution when they open e-mail messages and links in e-mail messages that come from untrusted sources.

* Customers are encouraged to keep their antivirus software up to date.

* Configure Internet Explorer to prompt before running Active Scripting or disable Active Scripting in the Internet and Local intranet security zones.

* Set Internet and Local intranet security zone settings to "high" to prompt before Active Scripting in these zones.
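To confirm the Active Scripting workaround is in place on a machine, the read-only audit below (an added example, not part of the advisory or the original post) reports the setting for the Internet and Local intranet zones. It assumes the standard Internet Explorer zone registry layout, which the page does not give: URL action 1400 is Active Scripting, zones 1 and 3 are Local intranet and Internet, and the values 0, 1 and 3 mean enable, prompt and disable.

```powershell
# Added example: read-only audit of the Active Scripting setting (URL action 1400)
# for the Local intranet (zone 1) and Internet (zone 3) security zones.
# Assumption: standard IE zone registry layout; nothing is modified.
$zones   = @{ 1 = 'Local intranet'; 3 = 'Internet' }
$meaning = @{ 0 = 'Enabled'; 1 = 'Prompt'; 3 = 'Disabled' }
$suffix  = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$roots   = @(
    "HKLM:\SOFTWARE\Policies\$suffix",   # machine policy
    "HKCU:\Software\Policies\$suffix",   # user policy
    "HKLM:\SOFTWARE\$suffix",            # machine preference
    "HKCU:\Software\$suffix"             # user preference
)

function Get-ActiveScriptingSetting {
    foreach ($root in $roots) {
        foreach ($zone in ($zones.Keys | Sort-Object)) {
            $key   = Join-Path $root "$zone"
            $value = $null
            if (Test-Path $key) {
                # A missing 1400 value leaves $value as $null ("Not set").
                $value = (Get-ItemProperty -Path $key -Name '1400' -ErrorAction SilentlyContinue).'1400'
            }
            $state = if ($null -eq $value) {
                'Not set'
            } elseif ($meaning.ContainsKey([int]$value)) {
                $meaning[[int]$value]
            } else {
                "Unknown ($value)"
            }
            [pscustomobject]@{
                Zone              = $zones[$zone]
                Key               = $key
                Value             = $value
                State             = $state
                # True only when the hive is set to prompt (1) or disable (3).
                MatchesWorkaround = ($value -in 1, 3)
            }
        }
    }
}

Get-ActiveScriptingSetting | Format-Table -AutoSize -Wrap
```

Each hive is reported separately rather than collapsed into one effective value, so a policy key that re-enables scripting over a user's preference is visible in the output.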

Mar 24 2006, 10:19 AM by Harry Waldron
