This weekend, Microsoft announced that it had discovered a new vulnerability in Internet Explorer that could let unauthorized remote users (read: hackers) access and take control of your computer. Once again, it’s only users who haven’t upgraded their browsers or their operating systems who were in danger of getting taken over. The new security exploits are only applicable to users running outdated IE 6, IE 7, or IE 8.
Given that Internet Explorer 9 came out almost two full years ago, the fixes go to show just how many people inevitably fall behind on their updates. In this instance, the security flaws were introduced to the system through an installation of Adobe’s Flash plug-in software. One of the more nefarious things about this exploit is that users can be overrun simply by visiting the wrong website; sometimes the website can be hosting the malicious software completely unknowingly.
In one such example, VentureBeat quoted security firm FireEye in saying that the website for the Council on Foreign Relations, a non-partisan think tank, has been infecting people since as early as December 21st.
Users who haven’t updated their browsers to the current version should apply the Microsoft fix immediately; you can get it here, straight from Microsoft: http://support.microsoft.com/kb/2794220
More than anything, however, this incident goes to show that proper preparation is the best defense against any security woes. If you update your copy of Internet Explorer to IE9 or IE10, you’ll be safe. Additionally, any users running Windows 8 are safe, as the operating system ships with Internet Explorer 10 by default.