imageMicrosoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location. These versions include Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008.

The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites.

For all the details see http://www.microsoft.com/technet/security/advisory/980088.mspx

We also have one of our cool new Fix Its that will automagically make the appropriate changes for you: http://support.microsoft.com/?kbid=980088

J.C. Hornbeck | System Center Knowledge Engineer