Microsoft today released the Security Bulletin KB2458511), claiming to be investigating a new exposed IE vulnerability,This vulnerability can cause remote code execution.AndAll IE versions on all operating systems,IE9 Beta is not affected by this vulnerability.
Microsoft pointed out that this security vulnerability was caused by an illegal tag reference in IE browser. In some cases, you can still access this illegal tag reference after an object is deleted. In a specially planned attack, hackers attempt to access a released object, causing IE to allow remote code execution.
According to Microsoft's detection, hackers have used this vulnerability to attack users. Microsoft is developing security patches. However, before patch release, it is recommended that IE users take the following measures:
-Use a user-defined CSS cascade style form) to overwrite the website CSS style;
-Application-enhanced experience relief tools;
-Enable the Data Protection Function of IE7;
-Read emails in plain text format;
-Set the security zone of the Internet and Local Intranet to "high" and block ActiveX controls and Active scripts in these areas.
The exposed security vulnerabilities affect IE versions: Windows XP SP3 and IE6 on Windows Server 2003 SP2; IE7 on Windows XP SP3, Windows Server 2003 SP2, Vista, and Windows Server 2008; XP SP3, Windows Server 2003 SP2, Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2 IE8.