Microsoft is advising its customers to upgrade to Internet Explorer 8 – even though the latest version of its browser is vulnerable to a serious security attack.

The software giant issued a statement urging people to upgrade their browser, after the zero-day exploit that was used to attack companies such as Google went public.

According to Microsoft’s security advisory: “the vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object is deleted. In a specially-crafted attack, in attempting to access a freed object, Internet Explorer can be caused to allow remote code execution.”

But although Internet Explorer 6 has been the source of attacks until now, Microsoft’s advisory admits that both IE7 and IE8 are vulnerable to the same flaw, even on Windows 7.

Nevertheless, Microsoft is still urging its customers to upgrade their browser to the latest version. “Customers using Internet Explorer 8 are not affected by currently known attacks and exploits due to the improved security protections in IE8,” the company claims.