Microsoft reports that Internet Explorer was one of the vectors used in attacks against Google and possibly other corporate networks. The company said in a statement that it “continues to work with Google, other industry partners and authorities to actively investigate this issue.” It added, “To date, Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE 6.” “A Security Advisory 979352 is issued to help protect customer to mitigate IE’s Remote Code Execution (RCE) vulnerability.” “Anyone affected, visit here and should contact national law enforcement agency. US users can contact Customer Service and Support at no charge using PC Safety hotline at 1-866-727-2338 (PCSAFETY). Additionally, US customers should contact local FBI office or report here. International customers can find their Regional Customer Service Representative. We’re also working with Microsoft Active Protections Program (MAPP), Microsoft Security Response Alliance (MSRA), authorities and other industry partners to help provide broader protections for customers,” stated MSRC.
More information on Assessing risk of IE 0day vulnerability is available on SRD blog.