Microsoft Warns over IE Security Hole

As users of Microsoft products are probably aware, Microsoft releases security updates on the second Tuesday of each month. However, this time there’s a security hole in Internet Explorer that they’ve haven’t yet patched, and it’s so serious that users are advised to immediately apply a workaround fix.

This particular vulnerability lets attackers infect the victim’s computers (running Windows XP or Windows Server 2003) after they’ve clicked on a video link in Internet Explorer. The vulnerability allows attacker to run arbitrary code under the same user rights of the local user. The worst part of it is the fact that this is not some theoretical hole; Microsoft clearly states that they’re already aware of malicious hackers exploiting this vulnerability.

If you’re running IE under Windows XP or Windows Server 2003, you should go apply the emergency fix, which can be found here, right away. The real patch will likely come in seven days, with Microsoft’s regular security update bundle.