In an announcement that won’t actually surprise many people, Microsoft has announced that there is a potentially serious flaw in Windows which could render Internet Explorer vulnerable to malicious files and viruses.
If it sounds familiar, it’s because Microsoft announced a similar flaw back in December 2010:
For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user’s computer for the rest of the current Internet Explorer session. Such a script might collect user information (eg., email), spoof content displayed in the browser, or otherwise interfere with the user’s experience.
As such, users of Internet Explorer may find themselves at risk to hacking and phishing attacks as unscrupulous people attempt to steal valuable information – so take extra care until this problem is fixed.
If you’re using Internet Explorer, a temporary fix is available here.