Confirmed exploits in the wild have been reported for a vulnerability in Internet Explorer 8. There is currently no patch available. The vulnerability can be exploited by a simple drive-by attack which will allow adversaries to install malware on your computer without any user action necessary. This means you could be infected simply by visiting a legitimate website that has been compromised and hosting the malicious code. The vulnerability was already leveraged in a targeted attack on the U.S. Department of Labor.
1. We recommend that all users stop using the Internet Explorer 8 web browser immediately.
2. On Thursday, May 9, Microsoft released a workaround that acts as a temporary fix until a patch is released. The fix is available at https://support.microsoft.com/kb/2847140 .