In the past, users had to click on an e-mail attachment or page link to launch an invading virus. Juan Carlos G. Cuartango of Spain, however, has discovered a means of executing attachments using a false Multipurpose Internet Mail Extensions (MIME) header. The hole afflicts IE 5, IE 5.5 over all Windows platforms and could cause serious damage.

Microsoft Corp.'s bulletin on the subject said, "As a general rule, it is probably worth questioning the trustworthiness of any e-mail that automatically starts a file download. The best action is to simply click the Cancel button in the dialogue." A patch has also been issued.

For more information, read internetnews.com, newsBytes.com and computerworld.com.