Microsoft discovered a bug or as us techies call it zero day vulnerability in the Internet Explorer web browser.  The bug makes PCs vulnerable to attacks by hackers and malicious code.  The security flaw affects hundreds of millions of Internet Explorer browser users.  Microsoft said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim’s computer.

All but one supported edition of IE is affected: 2001’s IE6, 2006’s IE7, 2009’s IE8 and last year’s IE9. Together, those browsers accounted for 53% of all browsers used worldwide.  The only exception is  IE10, the browser bundled with the new Windows 8, which does not contain the bug.

Windows users are advised to switch from Internet Explorer to Chrome, Firefox or Opera until the bug is patched.  Microsoft did not say how long that will take, but several security researchers said they expect the update within a week.  The when Microsoft patches it will be rated “critical” the company’s highest threat ranking.


Microsoft will be releasing an out of band “critical” patch on Friday at close to 10 a.m. PT to patch this vulnerability.