Security experts are warning that a recently patched critical flaw in Microsoft's Internet Explorer browser is already being exploited in the wild
Symantec senior researcher Joji Hamada explained in a blog post that the so-called Internet Explorer time element uninitialised memory remote code execution vulnerability is being exploited in specific targeted attacks.
"We have been able to confirm the existence of one such attack that involves a compromised web site hosting content for a neighbourhood restaurant," he added.
"It appears that a duplicate of the top page of the web site was either hacked to include a hidden iframe tag linking to an exploit page or was prepared from scratch, which, if run successfully, the included shell code downloads an encrypted malicious file from the same site."
He explained that the attack has been crafter to steal information, with the hacker emailing their victim a link to the compromised web site in question.
The vulnerability was patched this week by Microsoft as part of its monthly update cycle, which covered 34 flaws in 16 bulletins.
It affects versions 6, 7 and 8 of Internet Explorer, although only the latter is being actively exploited, according to Hamada.
"To protect themselves from attack, users should apply the latest patch for this vulnerability," Hamada concluded.
"They should also keep all other software on their computer up to date as well, including security software. Users should also be cautious when receiving emails with attachments and links they receive from both known and unknown sources."
Dubbed Antlia 2, the ghost galaxy sits just 130,000 light-years away from the Milky Way
Delays to the roll-out of age verification for adult websites hasn't stopped government from considering extending them to more websites
Bluehole confirms rumours that Playstation 4 port is coming on 7 December
Atmospheric iodine works as a significant sink of tropospheric ozone, nullifying the harmful pollutant