Another Zero-Day Vulnerability for IE
Well, it’s been a while since we’ve had an active zero-day in Internet Explorer, but according to Microsoft Security Advisory 972890, that’s what we’re looking at: a vulnerability in DirectX that allows for unauthenticated, remote execution attacks via Internet Explorer. In other words, drive-by attacks.
This vulnerability impacts both Windows XP and Windows Server 2003, so if you’re using those systems to browse the internet, you’ll want to immediately implement the workaround.
The following links provide more information about the issue and its workarounds:
Patch Tuesday is only a week away, so hopefully, the long-term resolution can be added to that release (if not before), rather than coming in an out-of-band release later in the month.