Hackers working on the project open source Metasploit updated a software created to blitzkrieg the Internet Explorer, making it more reliable, although more likely to be used by criminals.

Security experts have been concerned with the failure since it was released the list of emails Bugtraq, on Friday (20/11). But the original code as an example in the list was not reliable, and has not been used in attacks in the real world.

"The Metasploit version that was released last night will be more reliable for certain attacks that the previous software," said Ben Greenbaum, senior research manager at Symantec, in an interview on Wednesday (25/11).

On Wednesday morning, Symantec had not detected the use of the tool on the Internet attacks, but experts say this type of code is for a very popular hacking technique called drive-by attack.

Code infiltration
Internet users become victims when they visit web sites that contain malicious code. It is then when their machines are infected by the vulnerability of the browser.

Criminals also infiltrate this type of code hacked websites, with the intention of spreading their attacks.

On Monday (23/11), Microsoft published a security advisory on the flaw, offering some workarounds for the problem. It affects versions 6 and 7 of IE.

The browser IE8 is not affected by the bug, which has to do with the way that IE retrieves certain objects Cascading Style Sheet (CSS) used to create a standardized layout on web pages.

IE users can update their more cautious navagedores or disable JavaScript, if you want to prevent attacks.