Security Alert 22-03-06

Security Alert, March 22, 2006

Vulnerability in IE Could Allow Remote Intruders to Execute Code

An unpatched vulnerability in Microsoft Internet Explorer (IE) might allow a remote intruder to execute code on a user's system without the user's knowledge. Complete details of the exploit are not yet available, however the problem relates to HTML Application (HTA) files.

Microsoft is aware of the problem, is investigating, and will release a patch for the problem, possibly in April.

I would suggest that as an extra precaution that emails be opened in text format only first, rather than HTML or Rich Text format when using OE or Office Outlook.