Blogs

http://www.microsoft.com/technet/security/bulletin/ms06-070.mspx - This is a remote exploit for Win2000 and a local exploit for WinXP.

There are three vulnerabilities for Internet Explorer 7 at this time.

Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.

It can can result in a DoS attack on any server that is using a version of openssl
(does not affect openssl versions earlier then 0.9.7). They have
patched openssl and released 0.9.7l and 0.9.8d.