Yet Another IE 0-Day

Hi folks,

Our colleagues at SunBelt have found yet another IE 0-day. See
http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html.

Please note that this is very different from the XSEC ComObject overflow announced last week. This one seems to be a new WebAttacker, but fortunately, SocketShield already detects it with generic WebAttacker signatures. We'll post more as we know more.

Special thanks to Eric Sites and the guys at Sunbelt for being so willing to share knowledge. It's this sort of vendor/researcher level cooperation that gives the world a chance to defeat the Bad Guys.

Cheers

Roger