[Overflow]

Quelle: Secunia

Description:
A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a users system.

The vulnerability is caused due to an unspecified error in the XMLHTTP 4.0 ActiveX Control.

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website using Internet Explorer.

NOTE: The vulnerability is already being actively exploited.

Secunia Advisory

Microsoft Advisory

[Großer]

Oh, wie verwunderlich...
Da die Lücke auch im Server 2003 OS auftaucht, dürfte Vista auch davon betroffen sein.