The first exploit has been released based on the bit of code which was leaked onto the internet.

It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.

The author states that this flaw was found by reviewing the recently leaked Microsoft Windows source code. The flaw reportedly resides in ‘win2k/private/inet/mshtml/src/site/download/imgbmp.cxx’.

The report indicates that IE 5 is affected but that IE 6 is not affected.

That didn’t take long! I’m sure this is just the first of a series of exploits which will be released in the weeks to come.