Picture this: Hacker breaks into major corporate website, puts up a malicious bit of code. If you view the page in Internet Explorer, the code exploits a hole in IE and infects your computer. You didn't do anything except view a website. Your computer is now 0wned and being used by Russian spam gangs to advertise Viagra and mount DDoS attacks.
"The flaws affect every user of Internet Explorer, because Microsoft has not yet released a patch. Moreover, the infectious Web sites are not just those of minor companies inhabiting the backwaters of the Web, but major companies, including some banks." "The malicious program uploaded to a victim's computer is not currently detected as a virus by most antivirus software."
More stories: First sighting; ZDNet article; CNN.
Browsers: Firefox (4.7 MB); Opera (3.4 MB); Mozilla Suite (12.0 MB, includes email and IRC).
Use IE only for Windows Update. If your bank insists on IE, get on the phone and tell them why that just isn't bloody good enough any more. If your work insists on IE, forward IT and your boss those story links and demand Firefox so you can keep doing your job.
(For our geek readers: details of the attack.)
I couldn't have imagined saying these words on the Internet before this, but ... tell everyone you know.
Update: Download.ject article from Wikipedia. (Mostly written by me.)