The vulnerability is the result of a dangling pointer in IE and there is a working exploit for the flaw circulating online. The flaw lies in the way that Internet Explorer handles CSS data. CSS is a technology that’s used in many sites to help present information in an organized manner. Specifically, the vulnerability is in the mshtml.dll, the Microsoft HTML Viewer.
According to an analysis by Vupen Security, an attacker could exploit the flaw either to crash a vulnerable version of IE, or to run arbitrary code on the user’s machine. There is no patch available for the vulnerability. The SANS Internet Storm Center also has an analysis up.
A vulnerability has been identified in Microsoft Internet Explorer,
which could be exploited by attackers to compromise a vulnerable
system. This issue is caused by a dangling pointer in the Microsoft
HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via
the “getElementsByTagName()” method, which could allow attackers to
crash an affected browser or execute arbitrary code by tricking a user
into visiting a malicious web page.
Microsoft has not yet published any advisories on the new IE vulnerability.