MS security advisory

[Rik]

Microsoft Security Advisory (943521)
URL Handling Vulnerability in Windows XP and Windows Server 2003 with Windows Internet Explorer 7 Could Allow Remote Code Execution
Published: October 10, 2007 | Updated: October 25, 2007

Microsoft is investigating public reports of a remote code execution vulnerability in supported editions of Windows XP and Windows Server 2003 with Windows Internet Explorer 7 installed. Microsoft is aware of proof of concept code that has been posted publicly and is continuing to investigate public reports. We are also aware of attacks that try to use the reported vulnerability.

This vulnerability does not affect Windows Vista or any supported editions of Windows where Internet Explorer 7 is not installed.

Customers in the U.S. and Canada who believe they are affected can receive technical support from Microsoft Product Support Services at 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates.

International customers can receive support from their local Microsoft subsidiaries. There is no charge for support that is associated with security updates. For more information about how to contact Microsoft for support issues, visit the International Support Web site.

Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through a service pack, our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

http://www.microsoft.com/technet/security/advisory/943521.mspx

[Simon]

I think this is also connected with that:

http://www.f-secure.com/v-descs/exploit_w32_adobereader_k.shtml

"This PDF malware is being spammed heavily through email and it appears to be an attachment. This PDF Exploit takes advantage of a vulnerability on URI handling PDF file. This vulnerability affects IE7, Adobe Acrobat and Adobe Reader on some platforms."

[Rik]

Oh good, double whammy time.