Highly Critical Internet Explorer 8.0 vulnerability

A so-called “watering hole” hacking attack on the US Department of Labor website last week has spread to nine more global websites over the weekend, including those used by European aerospace and nuclear researchers.
Originally discovered on May 1, the Department of Labor’s Site Exposure Matrices site began, via JavaScript inserted into an iFrame format video, redirecting users to an infected site hosting the Poison Ivy remote access Trojan.

Users are recommended to upgrade their Internet Explorer to the latest version (10) from http://windows.microsoft.com/en-us/internet-explorer/download-ie , but those who can’t do that should at a minimum download the fix which has been provided by Microsoft: http://support.microsoft.com/kb/2847140

More information:
http://www.welivesecurity.com/2013/05/07/watering-hole-attack-on-dept-of-labor-site-exploited-new-ie8-vulnerability/
http://www.computing.co.uk/ctg/news/2266514/ie-8-zeroday-attack-spreads-to-military-sites