After the exploit code for a new vulnerability in Internet Explorer was released, a new malware that exploits the said vulnerability was discovered. Trend Micro has detected a JavaScript malware JS_DLOADER.BXR that exploits this vulnerability to remotely execute code.

As this vulnerability is unpatched, users are urged to disable ActiveScripting as described in the previous posting.

UPDATE: Trend Micro has created a detection for the newest IE vulnerability, EXPL_TXTRANGE.A.