Greeting's

vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to error in the timing of drag-and-drop events when certain objects not derived from HTML documents (e.g. files within a folder view) are dragged. This race condition can be exploited to place arbitrary files on a user's system by tricking the user into interacting with a malicious web

Solution is :

Disable Active Scripting support for all but trusted sites.


For more information :

FULL DISCLOSURE
http://archives.neohapsis.com/archiv...6-02/0271.html

To verify above information :
http://secunia.com/advisories/18787/

Microsoft :
http://blogs.technet.com/msrc/archiv...13/419439.aspx