Rapid7 warns of a new zero-day exploit for Internet Explorer, which Microsoft has not yet released a patch for.
Internet users are strongly advised to switch to other browsers, such as Chrome or Firefox, until a security update becomes available.
The exploit is affecting about 41 per cent of internet users in North America and 32 per cent world-wide. Published in Rapid7ís Metasploit, it looks like this exploit may have come from the same place as the recently discovered Java zero-day exploit, as it is run on the same server.
The new and previously unknown exploit can be used to load malicious software on machines running Windows XP, Vista or 7 along with the latest editions of the IE 7, 8 and 9 browser.

http://www.pcr-online.biz/news/read/...firefox/029184