IE 6 and IE 7 Vulnerability - Security Patch

Microsoft has investigated a new vulnerability in IE6 and IE 7 on public reports. The main impact of the vulnerability is remote code execution.

According to Microsoft  Internet Explorer 8 and Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4 are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 are vulnerable.

The vulnerability exists due to an invalid pointer reference being used within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.

If you use any of the affected versions either upgrade or click here to know how to fix it.