Microsoft Explorer turns YOUR PC into a file server for....ANYONE!
On Wednesday, a live demonstration at the Black Hat DC conference immediately prompted a Microsoft Security Advisory. Jorge Luis Alvarez Medina, an Argentina-based security consultant with Core Security Technologies, showed attendees that it was possible to use an exploit found in Internet Explorer to remotely read files on a victim's local drive.
The security flaw affects all versions of Internet Explorer, and it cannot be fixed with a simple patch. Microsoft stated that consumers can work around the problem by running Internet Explorer in "protected mode." That does not really help, as many people now aware of this problem have unwittingly turned their PC into an anonymous file server.
Medina offered other workarounds including an IE Network Protocol Lockdown. You can do this by cranking up the Internet and Intranet Zones to "high," and disabling Active Scripting for both zones. He also suggested that users switch to different browsers when navigating to untrusted Websites.
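To check whether a machine already has the zone settings from this workaround, the following PowerShell audit can be used. It is an added example, not code from Microsoft or Core Security, and it assumes the settings live in the current user's registry hive (Group Policy overrides stored elsewhere are not read).

```powershell
# Added example: audit the per-user IE zone settings named in the workaround.
# Assumption: only HKCU is read; policy-enforced values are not covered here.
$base  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zones = @{ 1 = 'Local intranet'; 3 = 'Internet' }   # IE zone ids
$High  = 0x12000                                     # CurrentLevel for "High"

function Get-ZoneValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the value is absent instead of throwing.
    $p = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $p) { $p.$Name } else { $null }
}

$report = foreach ($id in ($zones.Keys | Sort-Object)) {
    $path      = Join-Path $base $id
    $level     = Get-ZoneValue $path 'CurrentLevel'
    $scripting = Get-ZoneValue $path '1400'   # Active Scripting: 0=on 1=prompt 3=off
    $protected = Get-ZoneValue $path '2500'   # Protected Mode:   0=on 3=off

    [pscustomobject]@{
        Zone            = $zones[$id]
        LevelIsHigh     = ($level -eq $High)
        ScriptingOff    = ($scripting -eq 3)
        ProtectedMode   = switch ($protected) {
                              0       { 'enabled' }
                              3       { 'disabled' }
                              default { 'not set (zone default)' }
                          }
        MatchesGuidance = ($level -eq $High) -and ($scripting -eq 3)
    }
}

$report | Format-Table -AutoSize

# Non-zero exit code lets a login script or monitoring job flag the host.
if ($report | Where-Object { -not $_.MatchesGuidance }) { exit 1 }
```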
According to Microsoft, the FTP-style vulnerability affects consumers using Windows XP and those who have disabled Internet Explorer Protected Mode. "The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites," the company said.
Yet again, PCModer followers who have heeded our warnings and use Firefox or some other browser have nothing to worry about. Have you stopped using it yet??



