In late May, Microsoft made available a "patch" to fix six newly identified vulnerabilities in versions 5.01, 5.5 and 6.0 of its Internet Explorer applications running on Windows systems. Here are six new vulnerabilities in Internet Explorer:

• Cross-Site Scripting in Local HTML Resource
  
• Local Information Disclosure through HTML object
  
• Script within Cookies Reading Cookies
  
• Zone Spoofing through Malformed Web Page
  
• Two "Content Disposition" Variants

According to DOE's Computer Incident Advisory Capability, the risk is HIGH. The most serious vulnerability may allow an attacker to run code of choice. The aggregate of severity is based on the types of systems affected by the vulnerability, their deployment patterns, and the effect that exploiting the vulnerability would have on them.

Detailed information about each vulnerability and a link for downloading the patch can be found in Microsoft's Security bulletin.