A big thanks goes out to The Inquirer for spotting this news first. Two new vulnerabilities where found in Internet Explorer yesterday according to the security website Secunia. A solution has been found, but you'll have to disable Active Scripting support for all but trusted web sites. For information about these two new vulnerabilities keep reading.
Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system.
- A variant of the "Location:" local resource access vulnerability can be exploited via a specially crafted URL in the "Location:" HTTP header to open local files.
- A cross-zone scripting error can be exploited to execute files in the "Local Machine" security zone.