On Saturday the Microsoft Security TechCenter published a bulletin about a vulnerability with Internet Explorer versions 6 – 11. In a report from the U.S. Department of Homeland Security, “By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code.”
The attacker uses a corrupted Flash file that gives them the ability to take over the victim’s computer. No vulnerability with Adobe Flash has been found.
A workaround to help prevent attacks would be to disable the Flash plugin within Internet Explorer, however, when you disable the Flash plugin, you are unable to see various graphics and videos in websites.
At this time, no security fix has been released. If you are still using Windows XP, you won’t get a fix because Microsoft discontinued their support of that system on April 8, 2014.