Microsoft seems to have a tough time really. They go to great lengths to make better software for the mass market, and people go to greater lengths to sniff out any security vulnerabilities and the publish them to the net. In the news today is a report of the latest security vulnerability in the Internet Explorer browser.
This new bug apparently, according to reports, affects every IE user, which suggests that it is present in all versions from IE6 through to the latest IE9.
This is not any minor bug either, as if the reports are true, it can allow hackers to take control of your PC. That is really only one step from making your computer blow up in your face, as once someone controls your computer, they control all your personal data.
The problem is in Windows really, but the “attack” will come as a result of IE. This explains it a little better, I think:
“When the user clicked that link, the malicious script would run on the user’s computer for the rest of the current Internet Explorer session. Once the computer had been hijacked, hackers could use it to steal personal data or send users to fake websites, she added. Such a script might collect user information, e.g e-mail, spoof content displayed in the browser or otherwise interfere with the user’s experience.” Angela Gunn, Microsoft Spokesperson.
MS were quick to point out that so far there is no evidence that hackers have actually exploited this threat yet, so it may be a case of Microsoft discovering the problem before anyone else, which is certainly good news. However, now that they problem is public, it is suddenly vital that people start updating their browsers and Windows operating systems (which should ideally be set to auto-update anyway). Although the problem is not fixed yet, at least not in the OS software updates.
So, you need to download a patch. The full details can be found here: