Ed Bott: A new zero-day security hole in all versions of Windows is the subject of “targeted attacks,” Microsoft says. The flaw, according to Microsoft Security Advisory 2488013, occurs when an attacker exploits “the creation of uninitialized memory during a CSS function within Internet Explorer.” The result? “It is possible under certain conditions for the memory to be leveraged by an attacker using a specially crafted Web page to gain remote code execution.”
