Anyone using Internet Explorer must read about the major vulnerability that’s just been found.  On Saturday (April 26th), Microsoft issued an alert titled “Vulnerability in Internet Explorer Could Allow Remote Code Execution” (technet.microsoft.com). That alert has all the details about the vulnerability.

The key facts are also outlined in several good articles including ones by Graham Cluley (grahamcluley.com; “New zero-day exploit attack sees Internet Explorer in line of fire. No fix from Microsoft yet”) and Arik Hesseldahl (recode.net; “New Vulnerability Hits Internet Explorer, and It’s Serious”).

The magnitude of the flaw is significant and the impact even more so. As Mr. Cluley and Mr. Hesseldahl report, someone who visits a website that’s already been infected by the hackers using a version of Internet Explorer could have his or her computer infected.  Also, Mr. Hesseldahl explains that this is a “remote code execution vulnerability” which, as he writes, “…means a bad guy can make a target computer run software after a successful attack.”

So until there’s a fix, what can people do?  The most obvious is using an alternative web browser such as Chrome or Firefox or Opera.  Also, keep reading the Microsoft technet blog, Mr. Cluley, Mr. Hesseldahl and other articles to keep up to date on whether there’s a fix.