Exploit code targeting the Internet Explorer vulnerability used against
Google and other companies has gone public, increasing the chances that broader
attacks will soon follow.
Both the open-source Metasploit framework and the commercial Immunity Canvas
software for penetration testers have working exploits that fully compromise
computers running earlier versions of the browser. The attacks target a
previously unknown invalid pointer reference bug in IE that attackers used to
penetrate the defenses of Google and dozens of other companies.