The flaw has been discovered in July and sparked a bitter war of words between Microsoft and Mozilla, each company blaming the other’s browser for mishandling the uniform resource identifiers (URI). Mozilla gave up the fight and issued an update for Firefox, while Microsoft kept waiting for the bug to just solve itself </sarcasm>.

Basically, if a user clicks on a malicious link and uses Internet Explorer 7, his PC could be completely compromised. The IE7 flaw only affects Windows XP and Windows Server 2003.

Recently, Microsoft released a Security Advisory, saying that a patch is in the works and will become available once it passes all the usual tests. We don’t know who penned the advisory, but we’re willing to bet that he or she is related to Captain Obvious:

This vulnerability does not affect Windows Vista or any supported editions of Windows where Internet Explorer 7 is not installed”

Still, for the time being, Microsoft can only offer a great piece of advice: "Do not follow un-trusted links or browse un-trusted Web sites."