IE zero-day

What is it?

An unpatched vulnerability in Microsoft Internet Explorer is currently being actively exploited. The vulnerability was initially reported via public mailing lists as a browser crash (DoS). However, it was quickly determined by various researchers, including internally at Secunia, that the vulnerability allows execution of arbitrary code on a user’s system when viewing a specially crafted web page.

How does it work?
Internet Explorer supports CSS style sheets, which may be included via an @import CSS command. However, a use-after-free error within mshtml.dll when handling recursive CSS style sheet references (i.e., when a CSS style sheet references itself) can be exploited to de-reference already-freed memory in a manner that makes it possible to gain control of the program flow.

How can I prevent it?
Microsoft has yet to patch. However, in the meantime, a temporary Microsoft FixIt solution has been made available. This implements a check in mshtml.dll to prevent recursive loading of CSS style sheets.

Source: Carsten Eiram, chief security specialist, Secunia