New [GAS] Post- IE7 0-Day Exploits

The games hackers play.  They waited until Microsoft released the patches on Tuesday and then dropped a 0-day exploit that compromises hosts by taking advantage of a new flaw in XML parsing.  Thousands of hosts are already affected.  I have details written up over at Geeks Are Sexy here.  Go check it out.

To avoid being compromised, you will need to have Vista with IE7 running in protected mode or use a fully patched version of Firefox.