Exploit now publicly available for unpatched IE flaw

 An exploit has become publicly available for a newly disclosed critical -- and as yet unpatched -- vulnerability in Microsoft Corp.'s Internet Explorer Web browser.

The exploit has been posted on several Internet sites and gives even relatively novice hackers an easy way to take advantage of a flaw in the way IE processes information using the createTextRange () method, according to Secure Elements Inc., a Herndon, Va.-based security firm. "It's just a matter of time before the exploit gets turned into a virus or a worm" capable of creating considerable damage on unprotected systems, said Scott Carpenter, director of security labs at Secure Elements.
Tags:  Patch, law, XP, exploit, AVA, AV, vail, public, FLA, OIT, lab, now, IE, AI