A security researcher has credited McAfee for helping him to develop exploit
code that cracks open an unpatched flaw in older versions of Internet Explorer.
Moshe Ben Abu (AKA Trancer00t) developed exploit code for the flaw in IE 6
and 7 in knocking-up an exploit module for the open-source Metasploit exploit
"I didn't find the vuln', just found it in the wild. With a little help from
McAfee (http://j.mp/c4W3xA) :-)," the Israeli security researcher noted in a
Twitter update on Thursday.
Microsoft acknowledged that the flaw, which stems from an invalid pointer
reference, affects IE 6 and 7 and creates a possible mechanism for hackers to
drop malware onto vulnerable systems. IE8, the latest version of Microsoft's web
surfing software, isn't vulnerable.