Microsoft warns of 'highly critical' IE flaw

Flaw affects interface to a debugger in Microsoft Java Virtual Machine

A newly discovered flaw in Internet Explorer could allow hackers to take " complete control" of compromised systems, according to a Microsoft security advisory issued today. 

The flaw, uncovered by security service vendor SEC Consult, is in an interface to a debugger in the Microsoft Java Virtual Machine.

The vulnerability could be exploited either by getting an unwitting user to visit a specially designed web page or by hackers embedding code in a legitimate web page. 

"Microsoft is investigating a new public report of a vulnerability affecting Internet Explorer," the software giant said in a statement.

"We have not been made aware of any attacks attempting to use the reported vulnerability or any customer impact at this time, but we are aggressively investigating the public report."

The flaw affects Internet Explorer 5.01, 5.5, and 6.0. Danish security analysts Secunia has rated the flaw 'highly critical' and recommends setting internet and local intranet security zone settings to 'High'. 

Microsoft Security Advisory (903144)