Internet Explorer "javaprxy.dll" Memory Corruption Vulnerability
Good old Internet Exploder has a new "extremely critical" vulnerability listed on Secunia.
Quote:
The vulnerability is caused due to the javaprxy.dll COM object being instantiated incorrectly in Internet Explorer via the object tag. This can be exploited via a malicious web site to cause a memory corruption.
Successful exploitation allows execution of arbitrary code, but requires that the file "javaprxy.dll" exists on the system.
NOTE: "javaprxy.dll" is included with Microsoft Java Virtual Machine. Exploit code is publicly available.
The easy fix to this is to stop using a broken virtual machine and go and get Sun's version instead. :)