Homeland Security is advising not to use IE.
"We are currently unaware of a practical solution to this problem," the Department of Homeland Security's United States Computer Emergency Readiness Team said in a post Monday morning.
It recommended that users and administrators "consider employing an alternative Web browser until an official update is available."
FireEye first reported the vulnerability. It says....
"The attack will not work without Adobe Flash," FireEye said. "Disabling the Flash plugin within IE will prevent the exploit from functioning."
While the bug affects all versions of Internet Explorer 6 through 11 it is currently targeting IE9 and IE10, FireEye stated. FireEye said the hackers exploiting the bug are calling their campaign "Operation Clandestine Fox."
Symantec says....Rather than directly reach out to a victim, the hackers inject their code into a "normal, everyday website" that the victim visits, he said. Code hidden on the site then infects their computers.
"It's called a watering-hole attack because if you're a lion, you go to the watering hole because you know that's where the animals go to drink."
IE 6 thru 11 are vulnerable. XP users will not receive a patch from Microsoft....
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”