IE Flaw Gives Hackers Access to User Files

snydeq writes: "Microsoft warned that a flaw in IE gives attackers access to files stored on a PC under certain conditions. 'Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location,' Microsoft said in a security advisory. The vulnerability requires that an attacker knows the name of the file they want to access, according to the company. The disclosure is the latest security problem to affect IE. Last month, an undisclosed vulnerability in IE 6 was used in attacks that targeted more than 20 U.S. companies, including Google, which blamed China. The vulnerability has since been fixed by Microsoft. The attacks led Google to announce last week that it would phase out support for IE 6, starting with Google Apps and Google Sites in March."