Zero-Day Exploit Affecting IE7 Users

Details of a serious vulnerability affecting the Internet Explorer 7 browser have been unveiled, and it appears that hackers have already begun exploiting it across the Web. Several malicious sites are taking advantage of the flaw by downloading and installing a trojan, eventually gaining the same rights on the PC as the local user. Microsoft has acknowledged the issue and has suggested ways to limit the vulnerability's impact. However, until a patch is released, you may want to use another browser such as Chrome, Firefox, Opera, or Safari.

Further information should be available shortly. In the meantime, ShadowServer offers a comprehensive list of sites which are exploiting the bug while SANS Internet Storm Center describes how the exploit actually works.