Here are couple of updates regarding the latest 0-day.
As noted in Microsoft's advisory, Windows Server 2008 and Vista (both SP0 and SP1) are affected as well. The exploit for Windows Vista is publicly available now as well, but most malicious web sites still use the exploit I analyzed yesterday, so they are attacking only Windows XP and Windows 2003 machines.
It also appears that more attackers are now using this – ..............................
EDIT: (Use link above for more info)
IE7 0day expanded to include IE6 and IE8(beta)
Last Updated: 2008-12-12 01:26:35 UTC
by Kevin Liston (Version: 1)
Microsoft has updated Security Advisory (961051) to include Microsoft Internet Explorer 6 and Windows Internet Explorer 8(beta).
This is the vulnerability discussed is these recent articles:
Edited by buddy215, 12 December 2008 - 07:28 AM.