This could be another good time to avoid Internet Explorer:
Critical zero-day bug in Internet Explorer under active attack
Remotely triggered vuln can affect a wide variety of IE and Windows versions.
Attacks can be vectored through Flash, but it is not required.
via Critical zero-day bug in Internet Explorer under active attack | Ars Technica.
First, the good news from Microsoft’s newest data on real-world Windows security incidents: Zero-day attacks are relatively rare. Now the bad news: Nintey-nine percent of all malware infections are due to organizations and users not applying security updates.
So why don’t people or organizations let the thousands of existing patches secure their machines?
via New Microsoft Data Puts Zero-Day Threat Into Perspective – Dark Reading.