As previously stated, a patch has not been issued from Microsoft thus far. However, Microsoft has posted instructions on how users can protect the two most recent versions of Internet Explorer against a security flaw. The security flaw allows attackers to slip malicious code into an innocuous website, using a compromised file.
When a victim visits the tainted website using any of the Internet Explorer web browsers versions 6 through 11, attackers could gain full user rights over the victim’s computer, and potentially all information on it.
The security flaw led the U.S. Department of Homeland Security’s Computer Emergency Readiness Team on Monday to advise Americans to switch to a different browser until it’s corrected.
US-CERT has since reviewed its recommendation and now suggests users and administrators make use of the Microsoft security workarounds.
Microsoft’s updated information about the vulnerability includes information on a Enhanced Protected Mode workaround that will protect people using Internet Explorer 10 and 11, the two most recent versions of the web browser.
However the fix is somewhat technically complex you can read about the workaround here:
The IE vulnerability is of major concern. It affects all supported versions of Internet Explorer, which is present on nearly every Microsoft Windows system.
The security flaw is a problem for IE users, but even more so since XP users won’t get updates.