Microsoft today announced the release of Internet Explorer 9.0.6. It fixes "five privately reported vulnerabilities in Internet Explorer." The worst vulnerability would allow "remote code execution" if a user visited an infected Web site. This would allow somebody to gain control of the PC in question with the same user rights as the local user.
These are the kind of vulnerabilities that can lead to the creation of a botnet. People visit a Web site and get their computer hijacked by a foreign party. Their computer then becomes part of the botnet collective which usually goes unnoticed by the user if the creator of the botnet is good at their job.
Microsoft says that this updated is rated critical for IE6, IE7, IE8 and IE9 on Windows clients. It's rated moderate for the same versions of IE on Windows servers. You can check out the full security bulletin for all the information including which operating systems are affected.
If you have automatic updating turned on, the update should have already been applied. If you're like me and have automatic updates turned off, you can apply it the usual way through Windows Update. While I don't use Internet Explorer and many Windows users reading this now probably don't either, it's still suggested that you install the update. There's always that small chance of a friend using your computer and browsing with Internet Explorer. It's better to be safe than sorry.
netizens left a footprint.