Newly discovered security flaws in Microsoft's Internet Explorer could let attackers invade a user's PC, but a fix is not yet available.

Danish security firm Secunia warned that when used together, the flaws could allow an attacker to execute malicious code on a user's PC.

The flaws were reported this week by researcher Liu Die Yu, who posted the information on public security messaging boards, and appear to exist on PCs that are patched with the latest Microsoft security updates. Users are advised to switch off active scripting in Internet Explorer until a patch becomes available, or to use a non-IE browser.

Instructions on disabling active scripting, which may keep some sites from functioning properly, are available from the Computer Emergency Response Team.

One of the flaws is a cross-site scripting vulnerability, allowing scripts from one security domain (such as the Internet) to execute with the security privileges of another domain (such as My Computer).

Secunia said it had verified the flaw on IE 6, but the problems may affect earlier versions of the browser. "Other versions may also be affected, and have been added (to the advisory) due to the criticality of these issues," the company said in a statement.

Microsoft has said it is investigating the issue, and may issue a fix as part of its monthly patch release, or separately, depending on the severity of the problem. Microsoft's last cumulative monthly patch was issued on Nov. 12.

Source: http://news.com.com/2100-1002_3-5112198.html?tag=nefd_top

Get ready for another patch.

Hopefully after all this crap...internet explorer 7.0 will be a lot better.....whenever it comes out.

6.0 has been out for like what? 2 years now? Netscape has been making new versions every month.

you have to contine to make new versions, longer a software is out, the more people have time to figure out how to hack it, devolope ways to destroy peoples computers as well as steal information.

This is one of the reasons I switched to Firebird.
:blah

rainbowdemon is right, go with firebird, it is just hands down the best browser.

something new with a MS product? I think not they do sloppy work to begin with therfore they must cover there shitty work with patch after patch. Save you're soul now Check out Opera Browser (http://www.opera.com) :gj

l8

I patch all my software regularly. Hopefully no one will take over my computer between now and when the patch for this is released.
Swapping browsers is just moving from one problem to a different one. The solution to problems with p2p apps, web browsers, media players etc. is not to change what you are comfortable using. The solution lies in actually fixing the problem.

Firebird is your salvation...Screw IE. And don't buy into frontends like MyIE2.

I also love the new download manager they just put in. It will only get better and better.

GO FIREBIRD

I agree Go with Firebird.

i laugh at the brainwashed dumbfucks that swear by IE (and avant or my ie or any of the other variants)

it sucks just dump it already

Eh, I wouldnt say they are brainwashed. A lot of people dont really have any preference for anything and if IE works, it works and thats just it. My gf didnt switch until she told me that she hated having to open tons of windows while doing internet research so I showed her the great tabbed browsing and middle click open and the skins in firebird 0.6 and she hasn't switched since.

I DO however, hate when im using p2p and dumbasses wont upgrade their software and download from me at a snails pace with a nearly one year old version of Edonkey2000.

Anyway, go Firebird. Let the masses have their restrictive browser. They're missing out, but who cares?

there are no flaws in IE. IE is perfect. screw firebird. nuff said

Firebird extensions (http://texturizer.net/firebird/extensions/) own your soul.

I've never had a problem with MyIE2, it does what I want, and is very compatible with websites.

Honestly, what are the chances somebody will actually use one of these vulnerablities? I just avoid shady email links, and stick to warez sites I know and trust, I really doubt I even need to do updates (but I do anyway).