MSMVPS.COM

The Ultimate Destination for Blogs by Current and Former Microsoft Most Valuable Professionals.

Harry Waldron - Microsoft MVP Blog

Security News and Best Practices for corporate and home users

Microsoft XML Core Services 4.0 - Unpatched vulnerability and exploit

Users should continue to be cautious with email and when browsing web sites, as a new unpatched vulnerability with exploits in the wild surfaced this weekend.

Microsoft Critical Advisory # 927892
http://www.microsoft.com/technet/security/advisory/927892.mspx

Internet Storm Center
http://www.incidents.org/diary.php?storyid=1825

SecurityFocus Advisory
http://www.securityfocus.com/brief/348

AVERT Labs MS zero-day Vulnerability
http://www.avertlabs.com/research/blog/?p=125

Secunia 
http://secunia.com/advisories/22687/

FrSIRT
http://www.frsirt.com/english/advisories/2006/4334

CERT
http://www.us-cert.gov/current/current_activity.html#xcorerem

QUOTE: A vulnerability has been identified in Microsoft XML Core Services, which could be exploited by remote attackers to take complete control of an affected system. This flaw is due to a memory corruption error in the XML based ActiveX Control.


RECOMMENDATIONS (CERT):  Until an official update, patch, or more information becomes available, we recommend the following actions to help mitigate the security risks:

* Disable the XMLHTTP 4.0 object in Internet Explorer as specified in Microsoft Support Document 240797.
* Disable ActiveX as specified in the Securing Your Web Browser document.
* Do not follow unsolicited links.
* Review the steps described in Microsoft's document to improve the safety of your browser.
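
One way to verify the first mitigation, as an added example (not from the original post, CERT, or Microsoft): Support Document 240797 stops a control from loading in Internet Explorer by setting the 0x400 "kill bit" in its `Compatibility Flags` registry value, and this read-only PowerShell check reports whether that bit is set in each registry view. The function name and the all-zero CLSID are placeholders; substitute the XMLHTTP 4.0 CLSID from Microsoft's guidance.

```powershell
# Added example: audit the ActiveX kill bit described in Microsoft Support Document 240797.
# Read-only; it reports state and changes nothing.
$KillBit = 0x400   # "Compatibility Flags" bit that stops IE from instantiating the control

function Test-ActiveXKillBit {   # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)]
        [ValidatePattern('^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$')]
        [string]$Clsid
    )
    # 64-bit Windows keeps a separate list for 32-bit Internet Explorer.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
        'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }   # view absent on this OS
        $key     = Join-Path $root $Clsid
        $present = Test-Path -LiteralPath $key
        $flags   = $null
        if ($present) {
            $item = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                        -ErrorAction SilentlyContinue
            if ($item) { $flags = $item.'Compatibility Flags' }
        }
        $shown = $null
        if ($null -ne $flags) { $shown = '0x{0:X8}' -f $flags }
        [pscustomobject]@{
            RegistryView = $root
            KeyPresent   = $present
            Flags        = $shown
            # A missing key or value means the control is NOT blocked.
            KillBitSet   = ($null -ne $flags) -and (($flags -band $KillBit) -ne 0)
        }
    }
}

# PLACEHOLDER CLSID: replace with the XMLHTTP 4.0 CLSID before relying on the result.
$results = @(Test-ActiveXKillBit -Clsid '{00000000-0000-0000-0000-000000000000}')
$results | Format-Table -AutoSize
if ($results | Where-Object { -not $_.KillBitSet }) {
    Write-Warning 'Kill bit is not set in at least one registry view.'
}
```

The check needs no elevation because it only reads HKLM; a view that reports `KeyPresent` as false has never had the workaround applied.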

Nov 06 2006, 08:43 PM by harry
