While looking around a compromised server that was being used to exploit Java vulnerabilities, a security researcher stumbled upon another exploit that he claims affects fully patched versions of Microsoft Internet Explorer 7 and 8.
Eric Romang found four files on the server: an executable, a Flash Player movie and two HTML files called exploit.html and protect.html.
When users visit the exploit.html page, it loads the Flash movie, which in turn loads the other HTML page, protect.html. Together, they help drop the executable onto the victim's computer. At this point, attackers have everything they need to drop whatever applications they like on the victim's machine, whether to join it to a botnet or to conduct attacks. In this case, the dropper executable installs another program when the victim next logs in.
Romang discussed the zero-day with other security researchers, who came to the same conclusion: that this was a vulnerability in Internet Explorer.