March 23, 2006
By Pedro Hernandez
Microsoft is readying a security advisory on an Internet Explorer 6 vulnerability (on Windows XP SP2) rated highly critical by Secunia.
According to Microsoft Security Response Center's Lennart Wistrand, his team is investigating a flaw in how the browser handles the createTextRange() method in Javascript, which can lead to an attack if IE comes across a maliciously coded site. In addition to staying away from sketchy sites, the group's preliminary work indicates that there is a way for users to avoid getting stung by this bug.
Click here to the rest of the story.
