Days after the news of a new Internet Explorer exploit code surfaced; Microsoft has confirmed the existence of the code and said that it was looking into the matter.
The code was earlier posted on the BugTraq mailing list by an unidentified hacker with out any explanation. Security experts believe that the code can be used to take control of the computers if the website hosting the code is visited.
Leading anti-virus vendor Symantec has posted on its blog that the exploit code attacks a flaw in IE’s usage of Cascading Style Sheets (CSS) which is found on most websites.
Symantec also reported that the code was at a very early stage but it could be evolved into a much more dangerous exploit code.
Responding to the issue, Microsoft has said that the infected users can go to its Consumer Security Center and report the matter to Internet Crime Complaint Center or contact the law enforcement agency of the specific country.
Better be safe than sorry. Microsoft has been rather swift in recognising the issue associated with the vulnerability. One problem though is that a significant amount of users are still using Internet Explorer 6, one of the most bug-ridden and insecure browsers around.