IE Exploit Strikes, Installs Spyware

The unpatched CreateTextRange vulnerability in Internet Explorer is already being used by at least one Web site to install spyware on users' machines, a security organization said Friday.

"We just received a report that a particular site uses the vulnerability to install a spybot variant," the SANS Institute's Internet Storm Center (ISC) warned Friday in an alert. "It is a minor site with insignificant visitor numbers according to Netcraft's 'Site rank.'" TechWeb | Internet Explorer Security | IE Exploit Strikes, Installs Spyware

Linked by shanmuga Friday, 24th March 2006 10:47PM