Symantec has just reported a new 0day security vulnerability in Internet Explorer that could allow someone to take over your computer.
For you non-geeks a 0day (or zero-day, or 0-day) is a vulnerability without a patch. In other words, you can’t fix the flaw on your computer so you either have to block the attacks before they hit you or disable the vulnerable software.
While details are sketchy it looks like this particular vulnerability could allow an attacker to take over your computer when you visit a website with the attack code on it. This isn’t the first time we’ve seen this in Internet Explorer (and a few other browsers) but if you’ve ever found some nasty spyware or a bot on your computer it’s quite possible this is how you got it.
Especially if you go to “those” sites. Yes, you. Stop pretending you don’t know what I’m talking about.
While you can turn off ActiveX in your browser at this point I recommend using an alternate browser until this flaw is patched. If you’re reading this site odds are you already use Firefox, but if not go and install it right now by clicking here.
You can also download the beta of Internet Explorer 7, which seems to be safe.
You Mac users are safe. Personally I use Safari and Firefox on my Mac, but I still use Internet Explorer for some sites on my PCs. Rumor is IE7 is pretty good, and much more secure than current versions, for those of you that want to keep using IE.
Don’t forget to tell grandma…