Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: incrediBILL
Contrary to popular beliefs, the aforementioned security issue is susceptible to remote, arbitrary code execution, yielding full system access with the privileges of the underlying user."
Read about it on the site of computerterrorism. An exploit known on 31/05 and still nothing done about it. And now Microsoft is mad at them for publishing this bug?
I've only got IE6 at work so I won't try it ;)
People who want to turn off IE active scripting as a preventative measure might find this useful: How to stop 'Active Scripting' [blogs.zdnet.com]. This will break some sites, although if you need to access the scripting they can be added to the Trusted list.