Microsoft Warns Users Of IE Related Security Flaw…. Glad I Use Firefox [UPDATED]

Here’s a shock. Microsoft’s Internet Explorer has a security hole that is serious enough that Microsoft has put out a security advisory on the subject:

“Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.”

Well that’s not good.

The flaw lets criminals take over computers merely by tricking them into visiting web sites with malicious code installed on them. As many as 10,000 sites might have been taken over according to this AP report.

For the time being, the advice that I would have for you would be to switch to Chrome, Firefox, Safari, or Opera until the dust settles. But if that’s not possible, here’s Microsoft’s advice for those who are sticking with IE:

  • Change IE security settings to high (Look under Tools/Internet Options)
  • Switch to a Windows user account with limited rights to change a PC’s settings
  • With IE7 or 8 on Vista turn on Protected Mode
  • Ensure your PC is updated
  • Keep anti-virus and anti-spyware software up to date

The hole will be fixed likely with an emergency out of cycle patch. Given the scope of this issue, Microsoft really has no other choice but to get this out the door ASAP.

Meanwhile, the Mac Fanbois and LINUX geeks are likely dancing in the streets over this latest Microsoft screw up.

UPDATE: As if on cue, Firefox 3.0.5 has hit the streets. You can view the changelog here, or just download it from here.

Leave a Reply

%d bloggers like this: