“The first widespread attack to leverage a recently patched flaw in Microsoft’s Internet Explorer browser has surfaced,” Robert McMillan reports for Computerworld. “Starting late on Wednesday, researchers at antivirus vendor Symantec’s Security Response group began spotting dozens of websites that contain the Internet Explorer attack, which works reliably on the IE 6 browser, running on Windows XP.”

MacDailyNews Take: In other words, millions upon millions of exactly the type of users who think a patch is something they sew onto their kids’ play pants.

McMillan continues, “The attack installs a Trojan horse program that is able to bypass some security products and then give hackers access to the system, said Joshua Talbot, a security intelligence manager with Symantec.”

“As of midday Thursday, Symantec had spotted hundreds of websites that hosted the attack code, typically on free web-hosting services or domains that the attackers had registered themselves,” McMillan reports. “The IE flaw being leveraged in these attacks was also used to hack into Google’s corporate network last December. It has been linked to similar incidents at 33 other companies, including Adobe Systems. Microsoft patched the vulnerability in an emergency security update Thursday morning.”

Full article here.

[Thanks to MacDailyNews Reader “James W.” for the heads up.]

The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected – November 16, 2009
The Microsoft Tax: Windows 7 flaw allows attackers to remotely crash PCs; Macintosh unaffected – November 12, 2009
The Microsoft Tax: Windows virus delivers child porn to PCs, users go to jail; Mac users unaffected – November 09, 2009
The Microsoft Tax: Worms infest Windows PCs worldwide; Mac users unaffected – November 02, 2009
The Microsoft Tax: Banking Trojan horse steals money from Windows sufferers; Mac users unaffected – September 30, 2009
The Microsoft Tax: Serious Windows security flaw lets hackers to take over PCs; Macintosh unaffected – July 07, 2009
The Microsoft Tax: Windows Conficker worm hits hospital devices; Macintosh unaffected – April 29, 2009
The Microsoft Tax: Conficker virus begins to attack Windows PCs; Macintosh unaffected – April 27, 2009
The Microsoft Tax: Conficker’s estimated economic cost: $9.1 billion – April 24, 2009