Researchers issued a signature update to protect users against a flaw in the way IE7 parses web pages in preparation for printing.
The bug could allow a remote attacker to execute arbitrary code on a victim's machine if the victim tries to print a specially-crafted web page while including a table of links.
The vulnerability was discovered by independent security researcher Aviv Raffon, who also released proof-of-concept code.
"This exploitable vulnerability results from a combination of coding mistakes and sloppy security thinking," said BitDefender innovations product manager Alexandru Balan.
"The code has numerous bugs but it is also executed in a lower-security context than it should be and the combination opens a way for hackers to compromise a system."
BitDefender researchers warned that the exploit is well-suited for use in targeted attacks.
The firm advised all users of Internet Explorer to refrain from printing web pages with the 'Print Table of Links' option enabled until a fix is released.
BitDefender issues fix for IE7 printing bug
By Clement James on May 26, 2008 12:03PM