IE COM Flaw Exposed

Just in time for your holiday weekend browsing, a new Microsoft Internet Explorer flaw has surfaced that could allow a hacker to take control of your PC.

A Microsoft advisory acknowledging the existence of the flaw was issued late yesterday after security firm SEC Consult published proof of concept code online.

The vulnerability stems from a COM (define) flaw (javaprxy.dll) that, according to the Microsoft security advisory, "could cause Internet Explorer to unexpectedly exit."

According to the advisory, Microsoft is investigating an exploitable condition of the vulnerability, which could potentially allow a hacker to run arbitrary code and take control of the compromised system.

SEC Consult claims it reported the vulnerability to Microsoft on June 17, which Microsoft responded to.

http://www.internetnews.com/security...le.php/3517206