New IE Zero day (what a surprise)

    Well, yet another exploit for the shoddy excuse of a browser known as Internet Explorer has been found. This exploit works with IE 7, 8, and 9. It works by dropping a malicious SWF file, which then drops a Trojan R.A.T. (Remote Administration Tool) known as "Poison Ivy". Microsoft has not yet commented on the matter, but is probably preparing a security advisory.

    The Exploit is detected by most Anti virus software, so make sure to firewall up. The threat has been linked to the same hacker group responsible for the Java zero day released late last month. Both are now available for free on Rapid7's Metasploit framework. Rapid7 reasercher "sinn3r" wrote

“Since Microsoft has not released a patch for this vulnerability yet, Internet users are strongly advised to switch to other browsers, such as Chrome or Firefox, until a security update becomes available. The exploit had already been used by malicious attackers in the wild before it was published in Metasploit. The associated vulnerability puts about 41% of Internet users in North America and 32% world-wide at risk.” 

I highly suggest you IE users dump your current browser and pick up chrome.
Be sure to comment with ideas for next post, and keep an eye out for my upcoming google+ and facebook pages.

Update:
Microsoft releases fix for the zero day and a number of other flaws. They also fixed a flaw with adobe libraries that were used by IE.
This update is applied automatically if you have automatic update enabled or you can run windows update.

Credits
krebs
Trend Labs