Vulnerability in Internet Explorer could allow remote code execution
10 March 2010
Microsoft has issued a security advisory about a new vulnerability in Internet Explorer. According to Microsoft this vulnerability could allow remote code execution, and it is being actively exploited in targeted attacks.
Version 8 of Internet Explorer is not affected by this vulnerability. Organizations and individuals able to upgrade to version 8 should therefore perform such an upgrade to be protected. More information is available in Microsoft's Security Advisory from 9 March 2010.
Update 2010.03.11
Norman Exploit Detection - the proactive technology that detects malware even before specific signatures are added - has so far proven to detect more than 50% of the malware that utilizes this vulnerability. As far as we know, this is better than most other antimalware products.
Norman Exploit Detection is used in all antimalware products using Norman's scanner engine.
Update 2010.03.31
Microsoft has released an out-of-band security update for this vulnerability. More information and download links for updates in Microsoft's Security Bulletin MS10-018.