Internet Explorer is the most insecure existing browser. We have already heard about the flaws in Internet Explorer, I am not going to list them again, But you can still read my previous post regarding internet explorer flaws. Today I am going to unleash another weakness in Internet Explorer that could allow any hacker/attacker to execute any code on your PC, and hacker can also attempts to demonstrate the site or HTML e-mail.
This exploit can then be used to create the VBA macros access to data files. If this file is accessible through the dead Internet Explorer, any application can be executed automatically without any prompt. This is very dangerous to open an email using this exploit because it runs on any computer with Internet Explorer and Microsoft Access 2000.
In Outlook 2000, VBA embedded code can be executed automatically, even in high security. GFI Security Engineer, Sandro Gauci says that the malicious code can do almost everything on the victom’s machine. The aim of this vulnerability is to exploit by an e-mail using the IFRAME HTML tag e-mail or window.open, Outlook Anti Spam, () with a label that allows Internet Explorer to automatically access it.
Microsoft Windows machines running MS Access and Internet Explorer 6 can be used in this exploit. With this Outlook Express 2000, Windows 98, Outlook 98 and 2000 are also the victims of this exploit.
via [Outlook Anti Spam]