After reading the full-disclosure list for more ASP.NET vulnerability information, I came across a report of spyware installing on fully-patched XP SP2 IE instances.
The thread is here. Basically, a site is forcing a CAB file down user’s throats without any sort notification. If you want to try it out in VMWare or some other safe environment, jump to the URL http://www.themexp.org/about_wrap.php.
I can’t repeat it enough: Install Firefox today.Read full post