Risk: High
Microsoft has issued a security patch to fix a critical vulnerability in its Internet Explorer browser. The vulnerability is said to have attacked over 2m Windows users.
The flaw is believed to have already infected as many as 10,000 websites. The "zero day" exploit lets criminals take over victims' computers by steering them to infected websites.
Microsoft's Christopher Budd said the software giant "encourages all IE customers to test and deploy this update as soon as possible".
Microsoft stressed that the flaw was proven to exist only in IE 7 on all applicable versions of Windows, but that IE 6 and the "beta" release of IE 8 were "potentially vulnerable".
Users who have automatic updates turned on will receive the patch automatically while others can access it via a download.