"While that doesn't tell us much, the knowledge base article (or
"KB") 960714 referenced does spill the beans.
"Fundamentally, it was discovered that program code -- of a
malicious person’s construction -- be executed on your
computer, if a user views a specially crafted web page with IE.
"In particular, a rogue script can allocate a block of memory
(an array) then apparently release it without updating the array's
length, meaning that the block of memory still remains
"Then, if data binding is enabled (which it is, by default), a
rogue web page can take advantage of an incorrect handling of
certain XML tags within IE to cause the browser to pass control to
the supposedly free memory location."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.