Microsoft has warned that the 900 million users of its Internet Explorer browser are at risk of having their computers hijacked and their personal information stolen by hackers.
The company has yet to develop a permanent fix for the security hole but users are being told to apply a temporary fix that prevents hackers from exploiting a hole to install malicious scripts. Users could be targeted simply by visiting an infected website.
In a security bulletin, Microsoft said the flaw affected all versions of Windows and although it had yet to encounter "indications of active exploitation of the vulnerability", the flaw was serious and it was aware of proof-of-concept code exploiting the issue.
Advertisement: Story continues below
"The main impact of the vulnerability is unintended information disclosure," said Microsoft's Angela Gunn in an accompanying blog post.
"For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session.
"Such a script might collect user information (eg., email), spoof content displayed in the browser, or otherwise interfere with the user's experience."
Scripts have plagued Internet explorer since it's birth. Glad I am using chrome/firefox.