This flaw is present in every version of Internet Explorer – from 6 to 11 – stretching back more than a decade.
You have no defense with the latest Windows systems, either; the program is vulnerable no matter which version of Windows you are running.
The bug is a drive-by hack; all you have to do is visit a site that hackers have hijacked or modified and you’re infected.
The bad news: As I’m writing this, there’s no permanent fix and Microsoft is still researching the problem.
Updated 4/28 at 1:30 p.m.: A fix for one part of the problem is available from Adobe. Read on to learn more.
A warning for XP users: If Microsoft holds firm on its “no XP updates” policy, this flaw will never be fixed for XP users. And this is just the first of many problems that won’t be fixed. I strongly recommend you upgrade to a newer version of Windows as soon as possible. Click here to read everything you need to know about the end of XP.
However, there are a few steps you can take to keep your computer safe.
UPDATE ADOBE FLASH
So far hackers have been using Adobe Flash as the delivery system for this attack. Adobe rushed out a fix for Flash to prevent this from happening. Click here to update to the latest Flash version.
While this should stop attacks for the moment, hackers will probably find another approach sooner rather than later. Until Microsoft fixes the underlying problem in Internet Explorer it still isn’t 100 percent safe to use.
SWITCH BROWSERS
This flaw only affects Internet Explorer, so switching to another browser will instantly stop the threat. Firefox and Chrome are both good free alternatives.
If you want, you can switch back to IE once this flaw is fixed, but you might find you don’t want to.
XP users: You must switch to another browser permanently. IE 6, 7 and 8 weren’t very safe before, but they’re completely unsafe now. Click here for the three things you need to know about the end of XP.
INSTALL EMET
If you want to stick with Internet Explorer, Microsoft recommends installing its Enhanced Mitigation Experience Toolkit version 4.1. EMET’s recommended configuration will make some tweaks to IE that reduce the threat.
However, it may cause some websites you use to stop working. And EMET is really mean for companies, so it’s not very user-friendly if you want to tweak settings. If you run into problems using it, uninstall it and switch browsers.
XP users: EMET will NOT improve your security. The tweaks it makes are to settings not available in XP. You must switch browsers or upgrade to a newer operating system.
SWITCH TO A STANDARD ACCOUNT
If hackers break in to your computer using this security flaw, they can only use the Windows account that’s running Internet Explorer. That means if your account is set as a Standard account, it really limits what they can do. This is true of most other attacks as well.
If for some reason you or someone in your family insists on continuing to use Internet Explorer, please take the time to ensure that the computer is operating in a Standard account.
INSTALL UP-TO-DATE SECURITY SOFTWARE
This flaw lets hackers bypass most security software, but it’s still better to have it installed than not. Security software will catch most of the other threats out there – and there are a lot of threats out there.
You can download free security software from my Security Center.