Basically the threat revolves around the principle that certain types of code, when contained or called from within a Web page, can clog up a Web browser sufficiently to cause it to freeze or crash.
Also known as packet fuzzing, the technique actually dates back to the days of the BBC Model B computer and Micronet, the online BT Prestel/EMAP public viewdata service for computer enthusiasts in the 1980s and early 1990s.
Pre-dating the Web by several years, Micronet took the principle of viewdata - essentially a teletext screen transmitted using a 1,200/75 bits per second modem (yes, you did read those rates correctly - Ed) - and extended it to allow the download of telesoftware to the computer concerned.
The problem was that a telesoftware download could be triggered automatically, so, if you were naughty, you could include a set of telesoftware download headers and lock the viewing computer into a constant cycle of download seeking.
On the BBC Model B, this effectively froze the computer, requiring a reboot of the machine, which took several minutes.
Anyway, El Reg says that data fuzzing was 'discovered' last month by security researcher HD Moore, who decided to write a simple program that would mangle the code found in Web pages and cause a browser crash.
The Reg newswire says that tracing the root causes of the crashes has resulted in the discovery of more than 50 flaws in Internet Explorer, a number of which can be used to gain control of a site visitor's Windows system.
Microsoft, as you might imagine, is investigating the issue...
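To make the "mangle the page, watch for a crash, trace the root cause" loop concrete, here is an added example (not HD Moore's program and not from the original article) of a mutation fuzzer run against a hypothetical toy tag scanner rather than a browser, with crashes grouped by exception type and line. The names `SEED_PAGE`, `mangle`, `toy_parse` and `fuzz` are assumptions made for the example.

```python
import random
import traceback

# Constructed sample page; not taken from the article.
SEED_PAGE = '<html><body><a href="x">link</a><img src="a.png"></body></html>'

def mangle(page, rng):
    """Apply one random mutation: delete a slice, repeat a slice, or swap a character."""
    data = list(page)
    pos = rng.randrange(len(data))
    op = rng.choice(("delete", "repeat", "replace"))
    if op == "delete":
        del data[pos:pos + rng.randint(1, 4)]
    elif op == "repeat":
        data[pos:pos] = data[pos:pos + 4] * rng.randint(2, 50)
    else:
        data[pos] = rng.choice('<>"=/ \x00')
    return "".join(data)

def toy_parse(page):
    """Hypothetical, deliberately fragile tag scanner standing in for the code under test."""
    tags, i = 0, 0
    while i < len(page):
        if page[i] == "<":
            end = page.index(">", i)      # fails if the tag is never closed
            page[i + 1:end].split()[0]    # fails on an empty tag such as "<>"
            tags += 1
            i = end
        i += 1
    return tags

def fuzz(target, seed_page, iterations=3000, seed=1):
    """Run mangled pages through target; group crashes by (exception, line)."""
    rng = random.Random(seed)             # fixed seed so every crash is reproducible
    buckets = {}
    for _ in range(iterations):
        case = mangle(seed_page, rng)
        try:
            target(case)
        except Exception as exc:
            frame = traceback.extract_tb(exc.__traceback__)[-1]
            key = (type(exc).__name__, frame.lineno)
            buckets.setdefault(key, []).append(case)
    return buckets

if __name__ == "__main__":
    for (name, line), cases in sorted(fuzz(toy_parse, SEED_PAGE).items()):
        shortest = min(cases, key=len)
        print(f"{name} at line {line}: {len(cases)} crashes, shortest input {shortest!r}")
```

Thousands of crashing inputs collapse into two buckets here, which is why a long run of crashes translates into a much shorter list of distinct flaws to fix.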