A new security problem has been discovered in Microsoft's Internet Explorer and the Windows operating system that could allow hackers to gain access to personal information on the computers of 900 million Windows users.
In a security warning published January 28, Microsoft stated that the vulnerability makes it possible for a rogue web site or malicious content put into a legitimate web site to send instructions to Internet Explorer in such a way that the browser could disclose information or perform actions on the site the user is on "on behalf" of the victim.
In short, a hacker could use this vulnerability to essentially hijack your session with a website, doing things like grabbing information from your Facebook account or other sites you might be connected to. While Microsoft's spokesperson said there have been no known uses of the vulnerability yet, it was revealed publicly before Microsoft knew about it.
Microsoft's suggested actions to fix the problem include changing the setting for how Internet Explorer handles the MHTML protocol, which Internet Explorer uses for "web archive" pages, using a "Microsoft Fix it" download. Microsoft also recommends changing security settings on the browser to "High".
Of course, the easiest fix may be to use a different web browser, such as Firefox or Google Chrome. But Microsoft would never recommend that.
