Just a few weeks after OpenSSL’s Heartbleed Bug sent many online users into a frantic password changing frenzy, those that surf the web have another reason to question their online safety.
Microsoft announced that versions of Internet Explorer 6-11 have been affected by a “zero day” security flaw. FireEye, an online company specializing in security, announced the exploit over the weekend and estimates that 26.25% of the browser market is at risk. The security flaw is considered a “zero day” exploit because there were zero days warning to release a patch that could prevent an attack. Hackers can exploit the flaw and gain control of your computer by creating a fake website that installs malware when visited. With that control, hackers can steal personal, confidential, and even business information. Hackers have launched an exploitive campaign with the “zero day” weakness, which FireEye has dubbed Operation Clandestine Fox.
Homeland Security strongly suggests that online users give Internet Explorer the boot until Microsoft issues a security patch. Browsers such as Google Chrome and Mozilla Firefox are not affected by the bug.
Oh, and those still running Windows XP? Well, you’re pretty much SOL. No patches for you. Microsoft recommends upgrading to Windows 7 or 8.1.
Update: Adobe has released a security patch as of 3:18 p.m. ET.
