A major flaw in Microsoft’s Internet Explorer that allows hackers to gain the password details of the user has been publicised.
The publicly available exploit code works by convincing the PC user to view a specially crafted XML document, through which an attacker could execute arbitrary code with administrator privileges.
According to antivirus firm Trend Micro, up to 10,000 website could have been compromised with malware relating to this vulnerability.
Although Microsoft has said that it is continuing its investigations of reported attacks, it has revealed that attacks have occurred against browsers using Windows Internet Explorer 7.
The vulnerability also exists on supported editions of Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008 including all the service pack variants.