Internet Explorer Could Have a Huge Security Hole

Mashable
PNC Is Latest Bank Hit With Major Cyberattack
.

View photo

SOPA

Users of several Internet Explorer versions are being urged on Monday to switch to other browsers such as Chrome or Firefox amid news of a major security hole.

[More from Mashable: Microsoft CEO: Windows 8 is a Bigger Deal Than Windows 95]

According to Rapid7 security forum, a new zero-day exploit for Internet Explorer 7, 8, and 9 has hit computers running Windows XP, Vista and 7. Zero-day exploits involve software that takes advantage of a security hole within a site to carry out an attack.

This means that computers actively using Internet Explorer can be compromised by visiting a malicious site and give cybercriminals "the same privileges as the current user."

[More from Mashable: The Windows 8 RTM Upgrade Experiment]

SEE ALSO: 9 Things Businesses Need to Know About Web Security

Microsoft didn't immediately respond to a request for comment. The company has not yet released a security update to protect users or confirmed that there is indeed a security hole.

"The exploit had already been used by malicious attackers in the wild before it was published in Metasploit," the alert says on the Rapid 7 forum. "The associated vulnerability puts about 41% of Internet users in North America and 32% world-wide at risk (source: StatCounter). We have added the zero-day exploit module to Metasploit to give the security community a way to test if their systems are vulnerable and to develop countermeasures."

In the meantime, Internet Explorer users should consider switching to another browser, such as Google Chrome or Mozilla Firefox, at least temporarily. Those who are die-hard fans of Internet Explorer should proceed cautiously and upgrade to version 10 before using the web again.

Image courtesy of iStockphoto, PashaIgnatov

This story originally published on Mashable here.

View Comments (2)