Users of Microsoft’s Internet Explorer are advised to shift to other browsers due to a serious security flaw in IE according to Gaurdian. The security flaw was spotted last week when hackers started attacking IE 7 users. Other versions of IE, IE 5 and IE 6 are also vulnerable to the flaw.
Microsoft is trying to patch the flaw but mean time you can use other browsers which are not exploited by the flaw like Firefox or Opera.
The flaw in IE allows criminals to gain control of computers that have visited a website infected with malicious code designed to exploit it. While restricting web surfing to trusted sites should reduce the risk of infection, the malicious code can be injected into any website. Users do not have to click or download anything to become infected, merely visiting an infected website is sufficient.
Antivirus software specialists Trend Micro believe as many as 10,000 sites have been hacked to exploit the flaw.
Microsoft has a security advisory on the flaw and advised to do the following things
Protected Mode in Internet Explorer 7 and Internet Explorer 8 Beta 2 in Windows Vista limits the impact of the vulnerability.
By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.