WASHINGTON DC US-CERT has issued a Cyber Security Alert advising anyone running Internet Explorer and Microsoft Windows that both contain vulnerabilities that could allow a hacker to penetrate unprotected computers.

The problem

Several vulnerabilities in IE could allow a malicious web site or
HTML email message to install software on your computer. This
software could be used to steal sensitive financial information or
perform other actions. Recent incident activity has been referred to as Download.Ject, JS.Scob.Trojan, Scob, and JS.Toofeer.

The solution

Microsoft has released a security update for IE that provides
increased protection against this type of attack. Note that this
update may not prevent attacks in all cases.

The resolution

Install Critical Update US-CERT recommends that users install the update from the Microsoft.

Increase IE Security Settings

In addition, US-CERT strongly recommends that users modify IE
security settings according to the instructions in the Malicious
Web Scripts FAQ.

Further information is available from Microsoft in What You Should Know About Download.Ject.