Microsoft announced today of new attacks against IE6 and IE7. An unpatched bug that attackers have been recently exploiting, which injects malicious code the computer. The oldest IE 5.01 and the newest IE 8 respectively, are not vulnerable to such attacks. The best way to defend from these attacks is to "Modify Access" to the "iepeers.dll". "Disable Scripting" in the browser and enable DEP (Data Prevention Execution) The next patch "Tuesday" is April 13th, just 5 weeks away. Exactly when Microsoft can patch the bug is uncertain because of tests and scheduling, but and out of band fix is certainly possible.