An
unpatched security hole in Internet Explorer that is being
exploited by hackers potentially affects all versions of the
browser, Microsoft says.
When the flaw was originally discovered it was thought it only
affected Internet Explorer 7. In an updated advisory,
Microsoft warns users that it potentially affects all Internet
Explorer users, including those using beta 2 for IE 8.
The advisory also tells users how they can better protect their
systems from attack with workarounds, in the absence of an existing
security patch.
The company recommends setting the internet zone security
setting on browsers to "high", and using access control lists to
counter the malware.
If users' computers are compromised by the malware, remote
attackers could have access to their machine's data.
Microsoft has not said when it will be ready to issue a patch.
Its next official monthly patching date is 13 January, but
something is expected before then.