The vulnerability stems from a buffer overflow condition in IE for an XML component called Vector Markup Language (VML). VML handles vector images that are specified via XML inside of an HTML page. According to Verisign's iDefense Labs division, attackers are using the vulnerability as an attack vector to download Trojans ...