Code that takes advantage of a security hole in Internet Explorer has been published on the Web and could be used by someone to unleash an e-mail virus that could put people's computers and data at risk, Microsoft and security experts said Thursday.
Some have rated this virus with a severity of 10, because it can be remotely exploited and an exploit has been released. A level 10 is the highest. This is the third security flaw Microsoft is investigating this week. Microsoft said a fix would be available in the upcoming security release.
"We have seen examples of proof-of-concept code, but we are not aware of attacks that try to use the reported vulnerabilities, or of customer impact, at this time," Microsoft said in a security advisory posted on its Web site.
People using so-called fully patched versions of IE 6 and Microsoft Windows XP with Service Pack 2 are affected.
N Ovate Web Services strongly urges you to avoid visiting untrusted Web sites and to avoid opening e-mail attachments from unknown senders. We also recommend changing the IE settings to disable Active Scripting. Another suggestion is to use a browser that's not affected by the vulnerability.
We furthermore, recommend, if you don't already have an active anti-virus software that is up to date, and one that has a mechanism to update itself by going "Live", you should get one immediately.
If you have any questions about computer viruses or web services, please don't hesitate to contact us. Thank you.