Google warns of IE security flaw

Microsoft Security Advisory (2501696)Google has issued a security warning to users of Microsoft’s Internet Explorer. The software giant claims that a politically motivated attack is being made on IE via a popular social networking site; although they don’t go into detail about which one it is.

The exploit in IE is down to a flaw in MHTML which could allow someone to execute malicious script, taking over the infected PC. Microsoft has released a temprary fix which you can grab here. The exploit affects users of XP, Windows 7, Windows Vista, Windows Server 2003 and Windows Server 2008 (that includes both 32-bit and 64-bit editions)

From Microsoft:

Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities.

Related:
Internet Explorer 9 goes live
Firefox 4 out of beta, first release candidate available
Skype serving up advertisements next week
Google announce Chrome 10.0
Facebook keeping ‘abreast’ of nudity guidlines