If you’re reading this, chances are you’re not an avid Internet Explorer user. If by some chance you are, here’s a quick warning about a potential attack on your system.
An exploit for a vulnerability that affects all versions of Internet Explorer and has yet to be patched by Microsoft has been integrated into the open-source Metasploit penetration testing tool, a move that might spur an increasing number of attacks targeting the flaw.
The vulnerability is known as CVE-2013-3893 and was announced by Microsoft on Sept. 17 after the company became aware of its use in targeted attacks. The company released a temporary “Fix It” tool that customers can download and install to address the flaw, but no permanent patch has been released through Windows Update.