I always like a good Microsoft bag out so here’s another.

Hackers are now exploiting versions of IE.6, 7 and the latest beta, 8. Microsoft has said, any user running browsers on Windows 2000, XP, Vista, Server 2003 or Server 2008 are at risk, Microsoft said.

Microsoft also spelled out the root of the problem, saying that the bug is in IE’s data binding functionality and, contrary to earlier reports by independent security researchers, not in the HTML rendering code. "The vulnerability exists as an invalid pointer reference in the data-binding function of Internet Explorer," said Microsoft. "When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object’s memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable."

Microsoft also hinted that the "oledb32.dll" file contains the bug when it added a recommendation that users disable or cripple the .dll’s function as a stopgap measure. Oledb32.dll is a component of Microsoft Data Access, a collection of technologies for accessing different types of data in a uniform fashion. "OLEDB" stands for "Object Linking and Embedding, Database."

more info can be found here:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123338&source=NLT_PM

Well, I suppose thats another postive for Vista, as this bug doesnt affect Vista users, Yay. Other than that, i urge all ie users to upgrade to a browser called firefox that can be found here: http://www.mozilla.com/firefox/