Hyy

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 SP1 through 7 **Description** A use-after-free issue allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, such as the `by` property of an `animateMotion` SVG element. This can be exploited through a specially crafted Web page, potentially allowing an attacker to gain the same user rights as the logged on user. **Recommendations** For Microsoft Internet Explorer versions 6 SP1 through 7, consider disabling the use of SVG elements, specifically the `animateMotion` element, until a patch is available. Restrict access to Web pages that could potentially exploit this issue to minimize the risk of remote code execution.