Researchers are fuzzy about the impact of a flaw discovered in Microsoft Windows Explorer, but US-CERT's advisory said there's exploit code out there for it.
At issue is Windows Explorer's failure to properly handle malformed Office documents. Although researchers aren't clear about the implications, the advisory said that it may allow an attacker to take over a system and execute arbitrary code. Crashing Windows Explorer is the least of the woes the flaw could cause, US-CERT says. EWeek has more.