[[In an advisory, Microsoft recommended people
use DEP, which
by default is enabled in IE 8 but must be turned on in prior versions.
The statement also advised
users on Vista and later versions of Windows to run IE in protected mode. The advisory didn’t say when an update would be released that patches the vulnerability.]]
http://cyberinsecure.com/0-day-vulne...hinese-attack/