“The unpatched CreateTextRange vulnerability in Internet Explorer is already being used by at least one Web site to install spyware on users’ machines, a security organization said Friday.
“‘We just received a report that a particular site uses the vulnerability to install a spybot variant,’ the SANS Institute’s Internet Storm Center (ISC) warned Friday in an alert. ‘It is a minor site with insignificant visitor numbers according to Netcraft’s ‘Site rank.’”
Free security training available at http://adventuresinsecurity.com/SCourses