Yet another bunch of IE security holes
According to security researcher Thor Larholm, insecure JavaScript features in Microsoft Internet Explorer allow any Web site to take control of your browser and/or your computer. What's more, because MSIE renders Web pages and e-mail messages for Outlook, Outlook Express, and many other applications (such as Eudora, unless this functionality is explicitly disabled), those applications are vulnerable as well...
"Until a patch is developed and users apply it, MSIE is susceptible to all manner of exploits -- both via the Web and via e-mail. While it's possible to avoid the problem by fully disabling scripting, the best course is to use an alternative browser such as Netscape, Mozilla, or Opera."
Full article is here.
