Microsoft's Security Response Center has acknowledged the appearance of proof-of concept code for a vulnerability in Internet Explorer 7.

A Security Response Center blog posting said that Microsoft will investigate the issue immediately.

The proof-of-concept code targets ADODB.Connection, a component of Microsoft's ActiveX software. There are no reports of the vulnerability being actively exploited by attackers.

Following on from last week's false alert [webmasterworld.com], this is the real thing - yet again, an ActiveX vulnerability which affects IE7.