from the open-file-my-documents dept.
snydeq writes "Microsoft warned that a flaw in IE gives attackers access to files stored on a PC under certain conditions. 'Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location,' Microsoft said in a security advisory. The vulnerability requires that an attacker knows the name of the file they want to access, according to the company."
"Call immediately. Time is running out. We both need to do something
monstrous before we die."
-- Message from Ralph Steadman to Hunter Thompson