Researchers have uncovered new, currently unpatched vulnerabilities in multiple versions of Internet Explorer that criminals are actively exploiting to surreptitiously install unusually advanced malware on computers that visit booby-trapped websites.
The vulnerabilities in various configurations of IE versions 7, 8, 9, and 10 running on Windows XP and Windows 7 are separate from the
Microsoft Windows and Office graphics flaw that's also under active exploit at the moment. According to researchers at security firm FireEye, the IE-targeted exploits arrive as a classic drive-by attack that's found on at least one breached website located in the US.