From Computer World

French, German governments urge users to dump IE until Microsoft produces patch
Hackers are attacking consumers with an exploit of Internet Explorer (IE) that was allegedly used last month by the Chinese to break into Google's corporate network, a security company said Monday.

That news came on the heels of warnings by the information security agencies of the French and German governments, which recommended that IE users switch to an alternate browser, such as Firefox, Chrome, Safari or Opera, until Microsoft fixes the flaw.

In a Monday alert Websense said it identified "limited public use" of the unpatched IE vulnerability in drive-by attacks against users who strayed onto malicious Web sites. The site Websense cited in its warned has since been yanked from its hosting server.

According to Websense, the attack code it spotted is the same as the exploit that went public last week. That code was quickly turned into an exploit module for Metasploit, the open-source penetration testing framework, by HD Moore, the creator of Metasploit and chief security officer for security company Rapid7.

Websense also said its researchers were working with Microsoft's to identify sites serving up the exploit.   [More...] [Comments...]