Danish security company, Secunia, have informed Microsoft of a potential problem with IE6. The bug could help fake websites look real by making the fake website address look like the real site. Web surfers usually spot fake sites because of the address.
A statement by Microsoft read: "Microsoft is investigating new public reports of a possible vulnerability in Internet Explorer. We have not been made aware of any active exploits of the reported vulnerabilities or customer impact at this time."
Microsoft is angered by the public outing of the flaw saying: "We believe the commonly accepted practice of reporting vulnerabilities directly to a vendor serves everyone's best interests.." Secunia posted the flaw before telling Microsoft.
Source