A new zero day vulnerability has been found in Internet Explorer which allows an attacker to attack and steal user data .
Even though all versions are affected, security firm Fire Eye, reports that the ones which are the most targeted are IE 9,10, and 11.
Microsoft have acknowledged the vulnerability in an official statement made at the TechNet blogs.
Here is what they said:
The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
The good news is Microsoft will be releasing a patch to fix this critical issue ASAP, but the bad news is that Windows XP will not get it, as it reached the End of Support earlier this month. So all you can do is to switch to an alternate browser such as Mozilla Firefox or Google Chrome.