The open door affects people running Windows XP, or anyone who has turned off IE Protected Mode.
The advisory says: “Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location. These versions include Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008.”
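Because Protected Mode is the mitigation the advisory relies on, an administrator will want to confirm it is actually in effect rather than assume it. The following PowerShell audit is an added example, not part of the advisory or Microsoft's own tooling; it assumes the standard Internet Settings zone keys, where the per-zone DWORD named `2500` holds 0 for Protected Mode on and 3 for off, and that Protected Mode also needs a Vista-or-later kernel and UAC enabled.

```powershell
# Added example (not from the advisory): report whether IE Protected Mode is
# effective for the current user. Assumptions: Protected Mode requires NT 6.0+
# and UAC (EnableLUA = 1), and the per-zone value "2500" is 0 = on, 3 = off.
function Test-IEProtectedMode {
    $result = [ordered]@{}

    # Windows XP / Server 2003 are NT 5.x and have no Protected Mode at all.
    $os = [Environment]::OSVersion.Version
    $result.OsSupportsProtectedMode = ($os.Major -ge 6)

    # Protected Mode is built on UAC integrity levels; EnableLUA = 0 disables it.
    $lua = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' `
        -Name 'EnableLUA' -ErrorAction SilentlyContinue
    $result.UacEnabled = ($lua -ne $null -and $lua.EnableLUA -eq 1)

    # Zone 3 = Internet, zone 4 = Restricted sites. Policy keys are checked
    # first because Group Policy overrides the user's own zone settings.
    $zoneRoots = @(
        'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
        'HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
    )
    foreach ($zone in 3, 4) {
        $value = $null
        foreach ($root in $zoneRoots) {
            $p = Get-ItemProperty "$root\$zone" -Name '2500' -ErrorAction SilentlyContinue
            if ($p -ne $null) { $value = $p.'2500'; break }   # first hit wins
        }
        # Only an explicit 0 counts as confirmed; a missing value is reported as such.
        $result["Zone${zone}Value"] = if ($value -eq $null) { 'not set' } else { $value }
        $result["Zone${zone}ProtectedMode"] = ($value -eq 0)
    }

    $result.Effective = $result.OsSupportsProtectedMode -and $result.UacEnabled -and
        $result.Zone3ProtectedMode -and $result.Zone4ProtectedMode
    [pscustomobject]$result
}

Test-IEProtectedMode | Format-List
```

A machine where `Effective` is `False` is in the exposed group the advisory describes, whatever the IE version, so it is the one to prioritise for the workaround or the eventual patch.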
It happens because content from local files is forced to render incorrectly, which can give a malicious website access to those files.
The good news is that no one so far appears to be attempting to use the open door, and Microsoft said it will monitor the threat environment.
A fix for the problem will be offered either through Microsoft’s monthly update or as an out-of-cycle security update. The advice Microsoft is offering is here.