Microsoft has issued an urgent security advisory for users of Internet Explorer (IE) 6, 7 and 8: Update your browsers immediately.
If you’re still using one of the older additions of Microsoft’s IE browser, you’re going to want to update to a newer version immediately, or even potentially switch browsers. A new “zero day” security hole was discovered over the weekend that could potentially allow hackers to take over control of your system when all you’ve done is visit an infected website.
“An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.” Microsoft said in its statement. The statement went on to say, “an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability.”
The first site to be discovered to have been infected with the malicious code was that of the Council on Foreign Relations, a think tank and publisher. It is not known if this was an attempt to target users of the site, or simply the first one the hackers were able to inject the malicious code in to.
Microsoft is currently working on a patch and hope to have it issued as soon as possible. A workaround has already been issued – which you can find here – but no word as of yet when to expect a full security patch. This would also be an opportune time to update your browser to a more current version.