The folks over at McAfee have written today about a new zero day, and it doesn’t look pretty. Our team is on high alert for this exploit and we are actively hunting for any sites which are using it.
Preliminary tests demonstrate that Internet Explorer 6 and 7 running on a
fully patched Windows XP SP2 are vulnerable to this attack. Windows XP SP0 and SP1 do not appear to be vulnerable, nor does Firefox 2.0. Exploitation happens completely silently.
The ani format is an animated cursor format. We’ll post more information as we get it.
Update: Microsoft security advisory here.