The flaw, which is being leveraged in "limited, targeted attacks," allows remote code execution, Microsoft warns.
Excel 0-day threat
The antivirus program didn't do so hot in a recent test, which isn't sitting well with the folks at Redmond.
A vulnerability in the Java software has the potential to affect a wide swath of computer users, and researchers warn that it's already being exploited "in the wild."
With no fix available yet, Microsoft has a few words of wisdom for users who don't want to be bit by the newly-discovered bug.
Researchers say a previously unknown hole in IE has already been used to deliver a trojan in real-world attacks.
Google says that the exploit Chromium contributor Sergey Glazunov discovered has already been fixed. It has also patched another exploit announced at Pwn2Own 2012.
The winner, Sergey Glazunov, was the first to submit an entry in Google's Pwnium competition to find security exploits in Chrome.
New 'cross_fuzz' tool is designed to find bugs in Web browsers and needs fast distribution because of an IE vulnerability leak, researcher says.
Attackers target specific organizations, sending employees e-mails directing them to a Web site where exploit code could take over their computers.