Update: On May 1, Microsoft released a fix for Internet Explorer -- all affected versions: 6, 7, 8, 9, 10, and 11. Surprisingly, that includes versions that run on Windows XP -- though Microsoft no longer supports XP, the severity of this security flaw prompted the company to patch XP-compatible versions. Your system should download the patch automatically; if it doesn't, enable automatic Windows Update.
This weekend Microsoft issued a security advisory for Internet Explorer, warning that hackers can exploit a vulnerability that lets them run commands on remote computers. In other words, hackers exploiting this flaw can hijack your system. Security firm FireEye, which discovered the flaw, says that hackers are targeting US financial and government organizations.
This vulnerability is in Internet Explorer 6, 7, 8, 9, 10, and 11. If you're using one of those versions of Internet Explorer -- especially versions 9, 10, and 11, which are currently under attack -- switch to Firefox, Chrome, or Opera until Microsoft fixes the flaw. Even the Department of Homeland Security recommends avoiding Internet Explorer for now. If you absolutely must use Internet Explorer, disable the Flash plug-in (or download Microsoft's patch for Flash in IE 10 and 11), install EMET 4.1 or 5.0, or enable Enhanced Protected Mode in IE 10 and 11. But really, you're better off avoiding IE altogether.
If your machine still runs Windows XP, consider getting off Internet Explorer permanently, because Microsoft no longer supports XP. Try Chrome. Better yet, improve your overall system security by following our tips to migrate to Windows 7 or Windows 8. If you insist on sticking with the old OS, we have recommendations for making XP a little safer.
As always, you improve your system's security by enabling a firewall (the Windows firewall and/or a third-party firewall), installing antivirus and antimalware apps, and keeping all your software up-to-date. Find more information about the vulnerability and security tips at Microsoft's blog.
