New IE Bug Can Crash Browser

A newly discovered flaw in Internet Explorer can cause the browser to crash when visiting a malicious Web site, security firm Secunia said in an advisory Monday. The flaw was first discovered last week by security researcher Michal Zalewski and posted to a popular security mailing list.

"This might not come as a surprise, but there appears to be a *very* interesting and apparently very much exploitable overflow in Microsoft Internet Explorer," Zalewski wrote in the e-mail.

The problem is caused by an array boundary error in the handling of HTML tags with multiple event handlers. The issue can be exploited to cause Internet Explorer 6 to crash through a specially crafted HTML tag with 94 or more event handlers.

Secunia rates the vulnerability as "not critical," its lowest severity rating, and advised those concerned to avoid untrusted Web sites until the problem is addressed. So far, the problem has been confirmed to exist on a fully patched systems running Internet Explorer 6 with Windows XP Service Pack 2.

Microsoft said it was aware of the vulnerability and was investigating. "At this time, we are not aware of any attacks attempting to use the reported vulnerability," a spokesperson said.

The company would either provide a patch as part of its monthly Patch Tuesday updates, or issue an out-of-cycle update if it feels it is necessary.