Security Defect Found in Microsoft Explorer
The glitch reportedly causes Internet Explorer to automatically open specially-coded attachments in e-mail without warning, possibly unleashing programs that could do anything from sending users a harmless message to deleting files from their computers, the Redmond-based software company warned late Thursday.
Scott Culp, Microsoft's security program manager, said Friday the flaw is contained in "a few" out of several hundred Multipurpose Internet Mail Extensions, or MIMEs, which are used to encode files as e-mail attachments.
The problem should not be overrated, provided you take sensible precautions. As Microsoft itself commented, "as a general rule, it is probably worth questioning the trustworthiness of any e-mail that automatically starts a file download. The best action is to simply click the Cancel button in the dialogue."
Microsoft has developed a patch that can be downloaded  from the company's Web site.