Exploit code for an unpatched vulnerability in Microsoft's Internet Explorer is circulating, a security company said Friday, but the danger remains low as the current attack only crashes the browser.
Fully-patched Windows XP SP2 and Windows 2000 SP4 systems are open to the new attack, said David Cole, director of Symantec's security response group. "This is proof-of-concept code, we haven't seen any active exploits," said Cole. "Whether it grows into something bigger is heavily linked to if it gets remote code execution [capabilities]," he added.
Microsoft's advice, which included setting the "kill bit" for the ActiveX control to disable it. That, however, requires users to edit the Windows Registry, something many are unprepared to do. In the past, Microsoft's suggestions to set specific kill bits have been taken up by third-party researchers, who have cranked out automated tools for turning off the control.
Another tactic, said Microsoft, is to disable all ActiveX controls in Internet Explorer from the dialog that appears after selecting Tools|Internet Options.