SUMMARY
A simple way to exploit an unfixed defect in Internet Explorer has been discovered that allows malicious web sites, and possibly malicious email messages read with Outlook or Outlook Express, to take control of a computer. All you would need to do is click a web link and the owner of the web site could take almost any action they desired on your computer.

Simple, working exploit software was recently published to a public mailing list.

There is no patch to fix the problem. Anti-virus and personal firewall software will not prevent an exploit. It is hoped that Microsoft will provide a patch to fix this defect in the near future.

The defect has been verified in Internet Explorer 5.5 and 6 SP1 running on Windows 98 and XP SP1 respectively. It is likely all varieties of 5.5 and 6 are vulnerable. A quick attempt on a Windows 95 computer running IE 5.0 was unsuccessful but not enough research was done to know why.

they say they can reformat an entire drive

yikes!!!

read it here
http://www.jmu.edu/computing/security/info/iehot.shtml

http://online.securityfocus.com/archive/1/298748


this website can help maximize ie safety
http://www.jmu.edu/computing/info-se...s/ie.shtml#opt

egghead