An unknown hacker released the exploit on the Milw0rm website on Monday — more than a month after Microsoft released a fix for the flaw as part of its February Patch Tuesday distribution.
The vulnerability exists in ADODB.Connection ActiveX object and can cause memory corruption or remote attacks, according to an updated advisory from US-CERT.
The flaw can be exploited when handling the "Execute ()" method, according to a February advisory from Secunia.
Secunia created researcher Yag Kohha with reporting the flaw.
When Redmond released a patch for the IE flaw in February — during a 12-patch distribution for 20 flaws — the fix was largely overshadowed by a single patch that corrected a list of zero day exploits in Microsoft Office.
A Monday alert from Websense Security Labs credited H.D. Moore, who published a DoS demonstration, with the original exposure of the vulnerability during his Month of Browser Bugs in July.
Websense warned that the exploit could become prevalent in the malicious user community.
"This type of vulnerability has been very popular with malicious attacks in the past and we expect to see its usage increase substantially now that exploit code is publicly available," read the advisory.
A Websense spokeswoman referred requests for comment to the published alert because Websense researchers were not available for comment.
Exploit code released for patched Microsoft Internet Explorer flaw
By Frank Washkuch on Mar 28, 2007 1:20AM