Internet Explorer users have been told in many sources many times (including my blog): ditch the IE application and switch to another browser, pronto. There is a a new serious hole that’s exploitable by visiting a malicious Website: The site owner can take possession of the computer used for surfing. This critical zero-day bug in Internet Explorer is under active attack. It is claimed that this IE exploit was created by the same group that recently released a Java zero-day into the wild.
The attack works on IE 7 through 9 running on XP, Vista and Windows 7. This is one of the few times that a single vulnerability has been successfully exploited across all the production shipping versions of the browser and OS. There is no correction for this yet.
Microsoft recommendations for this problem:
Install Enhanced Mitigation Experience Toolkit
Set IE security: intranet and the Internet security level to “high.”
Do not use Internet Explorer. Get rid of IE now! Use some safer browser like Firefox or Chrome. While every browser has its security issues, those are considerable safer alternatives.