http://news.cnet.com/
Another flaw in IE 6 found
http://news.cnet.com/Another-flaw-in-IE-6-found/2110-1002_3-6130388.html
Story last modified Fri Oct 27 15:21:34 PDT 2006
Microsoft is investigating a flaw in Internet Explorer 6, according to a posting on the software maker's Security Response Center blog. The ADODB.Connection ActiveX control in Internet Explorer 6.x may contain a vulnerability that can cause memory corruption, and therefore crash the browser.
It is possible this new threat, considered by Microsoft to be a low risk, could be used by criminal hackers for so-called "drive-by" downloads. This vulnerability has been assigned a National Vulnerability Database number of CVE-2006-5559. For instructions on disabling ActiveX, see this US-CERT document.
