If you’re still using Microsoft’s Internet Explorer 8, be aware that the Redmond-based software giant has not plugged up all the holes to ensure maximum security for its users.

The exploit, which was discovered last week by the security firm Invincea, is allowing hackers to remotely execute malicious codes if and when an IE8 user lands on a shady website.

Microsoft states that the exploit does not affect IE 6, 7, 9, or 10, so IE users are strongly urged to upgrade to IE 9 or 10 (or downgrade to IE6?).  Should a person choose not to upgrade, Microsoft is advising IE 8 users to set “Intranet and local intranet security zone settings to ‘High’ to block ActiveX Controls and Active Scripting in these zones.”  Also, users are encouraged to have their IE browsers set to “prompt before running Active Scripting.”

A fix for the IE 8 exploit is on the way, but there are no confirmations as to when Microsoft will release the patch.