

If you've never tried Firefox, Safari, Opera Google Chrome or other Internet Explorer alternatives, now might be a good time. Microsoft's flagship browser, the default choice on countless Windows machines, currently has a serious security flaw that affects all versions of the browser running on any version of Windows. The vulnerability allows hackers to gain access to any sensitive data on your PC.

Even more worrying, the exploit is already in the wild and no there's no fix in sight, leading a number of security researchers to suggested that, in the interest of avoiding malicious software, users switch to another browser.

If you're the pry-it-out-of-my-cold-dead hands sort of IE fan, there is one bright side to news that some 10,000 sites are ready to pwn your PC: so far the sites are mostly Chinese and the malicious software is mainly after passwords for computer games, which can be sold on the black market.

But given the scope of the flaw and the fact that Microsoft has yet to release a patch, don't expect that to last. Eventually far more sophisticated trojans will likely emerge with far more dangerous goals.

Obviously Microsoft isn't recommending you ditch IE (though the company didn't hesitate to suggest dumping Apple's Safari browser when it suffered from a far less serious vulnerability). Instead the company has released a security bulletin with possible workarounds, including running IE in Protected Mode and running Windows as an non-administrative user (to limit the damage an attacker can inflict).

Microsoft also says it is investigating the flaw and may push out an emergency software patch, rather than wait for the next monthly patch cycle to roll around.

See Also: