The short answer: it’s a bug in Internet Explorer that could, under certain circumstances, allow untrusted software to run - in other words, a vulnerability. The good news is that it’s been fixed.

The confusion arises from the fact that at least one popular spyware detection program reports the problem, but fails to apply its work around, and hence continually reports the problem. Even though it might not be a problem any more.

First, let’s be clear. The vulnerability in Internet Explorer has been corrected. If you’ve patched IE and are staying up to date with current patches from Microsoft, you’re safe, even if a DSO exploit is reported.

The confusion arises from a bug in Spybot Search and Destroy that continues to report the DSO Exploit problem, anyway. There are ways to force the report to go away, but it’s more trouble than it’s worth.

The bottom line: If you’re fully up-to-date on Internet Explorer patches, you can safely ignore Spybot’s report of a DSO Exploit. And update Spybot from time to time as well… they do plan to fix the reporting problem.

For additional related links, see What’s A ‘DSO Exploit’ And How Do I Get Rid Of It? at Ask Leo!.