We've received some reports about the recent unpatched Internet Explorer vulnerability being exploited in the wild. The exploits are based on publicly available proof-of-concept code that exploits the processing of the createTextRange() function.

At the moment, there's no patch for the vulnerabilities. Please read the following links for more detailed information about the vulnerability and possible workarounds:

http://www.securityfocus.com/bid/17196/info
http://www.microsoft.com/technet/security/advisory/917077.mspx
http://secunia.com/advisories/18680/

F-Secure Anti-virus detects HTML pages containing the exploit code as variants of Exploit.JS.CVE-2006-1359.