If you are like 95% of all computer users who use Internet Explorer, then you need to know what the problem was, how Microsoft fixed it and how to check your computer to see if you were affected or possibly infected. This how to will explain it all.
CRITICAL INFO: On December 17, 2008, Microsoft releases security bulletin MS08-078 – Critical. This security update resolves a publicly disclosed vulnerability. This vulnerability allowed remote code execution (a program would run on your computer without your premission) if a user views a specially crafted web page using Internet Explorer. This malicious code execution would allow someone to gain access to your computer. All you had to do was go to a site that had this code.
RESTRICTED USER RIGHTS: If your computer’s user account was configured to have fewer user rights on the system, it is possible that there is less of an impact than users with full administrative user rights.
DETECTION: Microsoft has provided detection tools to assist in detection and security misconfigurations; tools such as Microsoft Update, Office Update and Microsoft Baseline Security Analyzer (MBSA). There are others but these are the primary ones. It is advised to run a full virus scan to determine if there has been any infection during this vulnerable time. Make sure your virus software is update to date prior to running the full scan. If you have a software firewall, check inbound and outbound log looking for odd or strange activity. It is also advisable to run a malware scan using free tools such as ADAWARE or SPY BOT Search & Destroy.
SECURITY UPDATE: The update is for Internet Explorer 5.01, 6, IE 6 Service Patch 1, Internet Explorer 7 and IE 8 Beta 2. There are numerous versions of Microsoft that are affected; see the resource link to verify your MS version.
DOWNLOAD: If you automatically receive MS updates then you should be fine. If not or to be safe, under your Internet Explorer menu bar select Tools then Windows Update. From there, follow all on screen instructions. The update only takes about 5 minutes and requires a computer restart.
Link to KB Article: http://www.microsoft.com/technet/security/bulletin/ms08-078.mspx