Internet Explorer users under attack

A friendly note to all Internet Explorer users ...

If you're using IE (any version, ranging from 5.01 t0 8.0 beta 2) then you need to be aware of a new vulnerability which is set to become a big problem over the next few days.

I'm not going to rehash the details of this vulnerability other than to say that it's pretty serious and has the scope to affect a massive number of users.

Here's the scope of this vulnerability according to Microsoft:

Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability. That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: we saw an increase of over 50% in the number of reports today compared to yesterday.

For background and more information here are some links:

• Microsoft Security Advisory (961051)
• The new IE exploits for Advisory 961051, now hosted on pornography sites
• Clarification on the various workarounds from the recent IE advisory

The next official Patch Tuesday isn't until January 9, 2009 but I've heard whispers that we'll see a patch for this vulnerability out this side of the holidays.

Take care out there ... especially if you're still using IE!