Microsoft has announced an update for a critical flaw in Internet Explorer will be released 1PM Wednesday USA Eastern Time (early morning Thursday Australian time).

ComputerWorld states Microsoft has confirmed that all versions of Internet Explorer, including IE5.x, IE6, IE7 and IE8 Beta 2, contain the bug. It was initially thought that only IE7 had the vulnerability.

Trend Micro say attacks based on the vulnerability are rapdily increasing, with millions of computers already compromised. The company believes that over 10,000 infected websites are installing the malicious software onto visitors’ computers to take advantage of the flaw which allows an attacker to gain control over a user’s system.

Patches will be ready for users of Windows 2000, XP, Vista, Server 2003 and Server 2008 for IE5.01, IE6 and IE7 tomorrow. A separate patch will also be issued tomorrow for IE8 Beta 2.

Windows Vista users will be able to update their systems (if not already set to auto update) by going to the start button, then typing “windows update” in the “start search” box. Users of other Windows systems should visit windowsupdate.microsoft.com.

If you’re an IE user, in the meantime the safest thing you can do is to switch to another browser such as Firefox or Google Chrome. It’s always a good idea to have alternative browsers installed in case this type of thing happens and for general cross browser testing.