There have been several alerts over the last few days about the latest “zero-day exploit” that has, or could, hit users.  I say “has” because some of the articles indicate that the attacks by the scammers have already taken place.

Eric Romang is a security researcher who’s credited in numerous articles for having found the flaw.  He said the security hole allows scammers and attackers to use a Trojan back door to get onto the Internet Explorer browser on the soon-to-be victim’s computer.  This latest Trojan back door is known as “Poison Ivy” — and that it’s versions 7, 8 and 9 of Internet Explorer used on Windows XP, Vista and Windows 7 that are vulnerable.

If the attacker’s successful, he can then run whatever code he wants on the captured computer; can add and/or delete files; and/or can change registry values. People are being advised to avoid using Internet Explorer and use other browsers (e.g., Chrome, Foxfire, Safari, Opera) until Microsoft issues a patch to fix this vulnerability.  In fact, the German government advised users to stop using Internet Explorer because of this “zero-day” threat.

The articles also report that Rapid7, a security firm, is currently working on a module so users (commercial as well as consumers) can test to see if their computers are vulnerable.  It’s reported that Rapid7 is also working on a counter-measure but no details are yet available about that.

This is “poison ivy” you need to know about right now!  Use a different browser and do read all or any of these excellent articles for more details about the technical steps you can take: Brian Krebs (; “Internet Explorer Users: Please Read This”); Graham Cluley (; “Threat level goes HIGH, as Microsoft readies fix for critical Internet Explorer security hole”); Nancy Owano (; “Internet Explorer users are warned against Poison Ivy”).