When the surfer ends up getting viruses from infecting your website, the site owner can take possession of the computer used for surfing.

There is no correction for this yet.

Microsoft recommendations:
Install: Enhanced Mitigation Experience Toolkit v3.0
Set IE security: intranet and the Internet security level to “high.”

Source: http://www.iltasanomat.fi/digi/art-1288500272218.html

Enhanced Mitigation Experience Toolkit v3.0
A toolkit for deploying and configuring security mitigation technologies
http://www.microsoft.com/en-us/download/details.aspx?id=29851

Critical zero-day bug in Internet Explorer under active attack
Remotely triggered vuln can affect a wide variety of IE and Windows versions.
http://arstechnica.com/security/2012/09/critical-zero-day-bug-in-microsoft-internet-explorer/

Internet Explorer users have been told to ditch the application and switch to another browser, pronto.

The warning comes from Rapid7, which describes a hole that’s exploitable by visiting a malicious Website (and, of course, in the world of Twitter and shortened URLs, it’s so much easier to get users to visit such sites).

Visiting a malicious site gives the attacker the same privileges as the current user

Although the published exploit targets XP, Rapid7 says the attack works on IE 7 through 9 running on XP, Vista and Windows 7.

Romang claims the exploit was created by the same group – Nitro – that recently released a Java zero-day into the wild.

This is one of the few times that a vulnerability has been successfully exploited across all the production shipping versions of the browser and OS

Google confirmed late last week that it would soon be killing off support for Microsoft’s now aged browser, Internet Explorer 8, which also means it no longer gives a stuff about Windows XP hold-outs.

The company said in a blog post on Friday that it would discontinue support for IE 8 on 15 November, claiming the move was prompted by the forthcoming arrival of IE 10 on 26 October.

However, IE 8, which launched in March 2009, was also the final MS browser to support Redmond’s 11-year-old workhorse operating system that refuses to die: Windows XP.

Of course, it was Microsoft and not Google that ultimately abandoned Windows XP users by not providing support for them in either IE 9 or the soon-to-be-released IE 10.

Last night, as I was perusing social media, a post from a friend caught my attention. It seems that the web-types at Kogan, an online electronics retailer in Australia and the UK, have tired of the additional work required to support Internet Explorer 7, and to even the score, have imposed a 6.8% tax on shoppers using IE7.

While others were celebrating the move, as a Linux user, I was appalled. “What? Appalled? You should be cheering — it’s a master stroke against evil and outdated software!”

No, no it isn’t. It’s discrimination, and of a type that every Linux user has suffered.

I won’t deny that it’s a pain to ensure IE7 compatibility. As a web developer, I know it well. I’m keenly aware of the time I’ve spent fixing sites for IE7, and what it has cost my clients. As a business owner, I’m acutely aware of the cost of accommodating niche sections of the market. I feel the pain.

I understand the allure of a stunt like this — and let’s be honest, with IE7′s market share at 1.5%, this is about publicity, not profit loss

We all run up against a lack of Linux support on a regular basis, and if pressed, the responsible company is guaranteed to reply with a variant of “Sorry, supporting you would cost too much.” What one of us hasn’t heard “We don’t have the resources”, “Linux users aren’t a significant segment of our market”, “We have other development priorities”, and a million other ways of saying “You won’t bring in enough money to be worth our time”?

Cross-platform and cross-browser support is part of the cost of doing business. So are credit card processing fees, employee benefits, and the coffee machine in the break room. Taxing IE7 users because it’s too annoying to support them is as evil as creating IE-only websites that shut out users of Firefox or Chrome. It’s as evil as creating Flash sites that millions of users can’t see. It is the evil of saying “You’d better do what we tell you to, or you’re going to suffer for it.”