Contributor: Lionel Payet
Eric Romang has released a blog about the Microsoft Internet Explorer Image Arrays Remote Code Execution Vulnerability, a possible zero-day vulnerability in Internet Explorer that is being exploited in the wild. Microsoft has confirmed this vulnerability affects Internet Explorer 9, Internet Explorer 8, Internet Explorer 7, and Internet Explorer 6 browsers.
The exploit is made up of four main components:
Interestingly, this exploit was hosted on the same servers used in the Nitro attack.
As always, we recommend that you follow best security practices and ensure you have the most up-to-date software patches installed. Use the latest Symantec technologies and virus definitions for the best protection against threats.