Thousands of Web sites can be exploited, and there isn't a simple solution against this attack at least until IE is fixed.
More Quotes from Matan Gillon:
Much like classic XSS cross site scripting holes, this design flaw in IE allows an attacker to retrieve private user data or execute operations on the user's behalf on remote domains.Matan Gillon
Normally, browsers impose strong restrictions for cross-domain interaction through the Web browser. A certain Web page can make a user browse to a different domain. However, it may not read the content of the retrieved page.... In IE these restrictions ... are broken when it comes to CSS cascading style sheet imports. I call this attack CSSXSS or Cascading Style Sheets Cross Site Scripting.
Matan Gillon
Readers Who Like This Quotation Also Like:
They want the Olympics. We ought to make sure they don't get the Olympics.George Nethercutt
Wealth often takes away chances from men as well as poverty. There is none to tell the rich to go on striving, for a rich man makes the law that hallows and hollows his own life.
Sean OCasey
I made a mistake when I said there were no gas chambers at Auschwitz.
David Irving