I received an email today, the subject of which may interest some of you. I've read the report on the URL listed in his email, and the security "hole" seems to be valid, though I don't know if any other code on the page would actually run other than the code he used to produce the "hole" itself. Have a look...

------------------

NEW security hole / exploit in IE6 with SP2 and all the latest security patches that can be abused by hackers to run harmful JavaScript code and can be abused to mislead existing protection against harmful JavaScript code.

All the information about the new bug can be seen here: http://research.seniorennet.be/Techr...t_explorer.php

The bug is reported to Microsoft.