Panda Software reports a Microsoft Internet Explorer VML vulnerability which has been classified as critical and affects a large number of versions of Windows XP and Windows Server 2003.

This vulnerability lies in the way in which Microsoft Internet Explorer handles VML (Vector Markup Language) graphics.

As a result, a hacker could host a specially-crafted web page that, when visited by users, forces the browser to silently download and run files. In fact, proof-of-concept code of this issue has been published.

Microsoft has not yet released the patch to fix this vulnerability.

In the meantime, users are recommended to disable execution of Java script in the Microsoft Internet Explorer settings.

Source: Panda Software Virus Alerts

Reported in [1] ZDNet news (reported on our [2] Industry and Security News page), [3] Zeroday Emergency Response Team (ZERT) has released a unofficial patch to protect Internet Explorer users.

It is expected that Microsoft will not have anything to protect their software users until the 10th of next month.

Visit, [4] TheGoldShop.biz - Professional exchange services for all your e-gold buying and selling needs!