If you’re still using Internet Explorer as your web browser you’ll want to be sure to install the latest round of patches from Windows Update as they’ll plug several critical holes in the browser and OS:
“This patch release is a big one with lots of aftershocks,” said Jonathan Bitle, a product manager at security company Qualys. “Three of the five updates, the IE and Windows updates, are especially critical as they take advantage of inexperienced users…Although a worm epidemic is unlikely, users can be easily enticed to visit malicious Web pages.”
Eight of the 10 vulnerabilities repaired by the IE update could be abused to gain complete control over a Windows computer running vulnerable versions of the Web browser. In all instances, an attacker would have to create a malicious Web site and trick people into visiting that site to hook into a PC, Microsoft said in its Security Bulletin MS06-013.
Microsoft rates its browser update “critical” for IE 5 and IE 6, the most-used versions of the popular software. IE is vulnerable on all current versions of the Windows operating system—Windows 2000, Windows XP and Windows Server 2003—as well as on the older Windows 98 and Windows Millennium Edition, the company said.
There’s already a few trojans out there that take advantage of these holes so be aware. Of course if you’re still using IE then this is one more reason to switch to Firefox 1.5 or, as someone will no doubt point out, buy a Mac.