A bug discovered in Microsoft's Internet Explorer, publicized 6 months ago and yet still unpatched by MS, was recently escalated from 'DoS' (a minor inconvenience) to 'Extremely Critical' - Secunia's highest warning. The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2, as well as Internet Explorer 6.0 on Microsoft Windows 2000 SP4. This exploit is also believed to apply to IE 5.5. See Secunia for more information on this critical flaw. There is no MS patch yet, and exploitation of this flaw is trivial. For those of you still running IE, my personal recommendation is to replace IE with a superior [Opera] browser [Firefox].
