Users of Internet Explorer will want to take note of a warning Microsoft posted today, as the company has discovered a vulnerability in several versions of the browser. Redmond has indicated that the new exploit could affect IE6 and IE7, but users of IE8 were immune – another good reason to upgrade. The flaw is dangerous, potentially resulting in system compromise.
Symantec provided some details on the flaw, suggesting it is within CSS handling. It isn't considered to be widespread and hasn't been seen much, if at all, in the wild – likely to "unreliability". A more "reliable" version of the exploit is likely in the works, Symantec claims, so protecting yourself sooner rather than later is a good idea. Like many browser-based flaws, it requires little user interaction to spring itself; merely visiting a compromised website is enough to become infected.
A patch does not yet exist for the flaw, though there is nothing stopping IE6 or IE7 users from upgrading to IE8. Whether or not this flaw is urgent enough for Microsoft to provide a fix out of cycle remains to be seen.