This doesn’t bode well. So we know there’s a vulnerability, but Microsoft doesn’t expect to have a fix togther for a few weeks? If the vulnerability is in IE, it sounds like a good reason to start using Firefox, an alternative web browser to Internet Explorer. It’s what I use at home. You can get info on it here. And, it’s probably a good idea to heed this advisory from our IS security team:
Internet Explorer vulnerability leaves computers open to attack
Information Services (I.S.) has learned of a vulnerability in Microsoft Internet Explorer which could allow an attacker to take control of your Windows PC. The attack comes in the form of an Internet link (URL); these links may be received through email, instant messages, web forums, or internet relay chat (IRC) channels.
A fix for this vulnerability is not expected until October 10, 2006. I.S is currently monitoring the threat and is investigating a potential work around to secure PCs until the Microsoft patch is released. In the meantime, users are reminded to follow computer security best practices.
Don’t click on un-trusted/ unknown or unsolicited Internet links
Don’t open email from unknown sources
Don’t open suspicious attachments
Don’t download unapproved software
Use common sense
More information regarding this advisory can be found at http://www.microsoft.com/technet/security/advisory/925568.mspx. Please contact email@example.com for additional information.