A critical Internet Explorer vulnerability, announced and patched by Microsoft in June's
Patch Tuesday, is being exploited in the wild.
The vulnerability is
CVE-2012-1875 (don't expect any detail - this link is just boilerplate stuff), patched in
MS12-037.
SophosLabs has seen numerous attempts to exploit this vulnerability (Sophos products detect it as Exp/20121875-A).
Cunningly-crafted JavaScript code - which can be embedded in a web page to foist the exploit on unsuspecting vistors - is circulating freely on the internet.
