CERT has issued a warning against a new web based threat entitled a "Cross HTTP Response Splitting Session Fixation Smuggling Scripting Vulnerability". According to the founder of DSHIELD Johannes Ullrich
Vulnerability details are scarce but initial reports are that 100,000,000 machines have been comprimised. Chief Cracking Officer Marc Maiffret of eEye has issued an unofficial patch that users can download on their website.
Microsoft already has a patch available on their website.
If you have any additional information please contact us on our contact form and we'll update this page with the latest details.