Direct link to article... [littlegreenfootballs.com]
All versions of IE are potentially vulnerable to attack due to an unpatched critical flaw. Prior to Tuesday, it had been exploited only in a limited way, but now that it's been publicized, that's likely to change. "This exploit has quite a wide attack surface," said Websense Director of Security Research Alex Watson. "Seventy percent of all Windows computers would be vulnerable to this exploit."Microsoft revealed Tuesday it was investigating a previously unknown security flaw affecting all versions of its Web browser, Internet Explorer.
Hackers have attempted to exploit the vulnerability in targeted attacks on users of versions 8 and 9 of the browser, the company reported in a security advisory.
"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer," the advisory says.
After Microsoft completes its probe of the problem, it will offer a solution, either through its "Patch Tuesday" maintenance cycle or through an out-of-cycle security update, according to the alert.
Meanwhile, a temporary fix that addresses the problem in 32-bit versions of IE is available for download. No fix is available for 64-bit users, but since the versions of the browser load and run differently, a flaw that affects one version of the program may not affect the other.
More: Heavy Attacks Expected as Microsoft Scrambles to Fix IE Flaw