Perdita
16-12-2008, 12:43
Millions warned not to use Internet Explorer after Chinese fraudsters use security flaw to hijack computers
Ten of millions of people who access the web using Microsoft's Internet Explorer could be vulnerable to having their computer hijacked because of a serious new security flaw.
Security experts urged people to switch to rival browsers such as Firefox, Opera or Safari, until the bug has been fixed.
The problem, first revealed last week, allows criminals to take over computers and steal passwords if the user visits an infected website.
As many as 10,000 sites have already been compromised to take advantage of the flaw, according to anti-virus software producer Trend Micro.
So far the websites, which are mostly Chinese, have been used to steal computer game passwords which can be sold on the black market.
Hackers can secure up to £9,000 for these passwords from fanatical gamers. But Trend Micro security researcher Paul Ferguson confirmed there were major concerns that the problem could be exploited by 'more financially motivated criminals for more serious mayhem'.
Microsoft said it had so far only found attacks against version 7 of Internet Explorer, the world's most popular web browser, but warned that other versions were 'potentially vulnerable'.
In a security update issued yesterday, the computer giant said: 'We are actively investigating the vulnerability that these attacks attempt to exploit.
'We will continue to monitor the threat environment and update this advisory if this situation changes.'
Microsoft may fix the problem in its regular monthly security update or issue an emergency software patch.
PC Pro magazine's security editor, Darien Graham-Smith, said hackers were always on the look out for new ways to access penetrate computers.
'The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough.
'Every browser is susceptible to vulnerabilities from time to time. It's fine to say 'don't use Internet Explorer' for now, but other browsers may well find themselves in a similar situation,' he said.
From Daily Mail
What is one to do? :searchme:
Ten of millions of people who access the web using Microsoft's Internet Explorer could be vulnerable to having their computer hijacked because of a serious new security flaw.
Security experts urged people to switch to rival browsers such as Firefox, Opera or Safari, until the bug has been fixed.
The problem, first revealed last week, allows criminals to take over computers and steal passwords if the user visits an infected website.
As many as 10,000 sites have already been compromised to take advantage of the flaw, according to anti-virus software producer Trend Micro.
So far the websites, which are mostly Chinese, have been used to steal computer game passwords which can be sold on the black market.
Hackers can secure up to £9,000 for these passwords from fanatical gamers. But Trend Micro security researcher Paul Ferguson confirmed there were major concerns that the problem could be exploited by 'more financially motivated criminals for more serious mayhem'.
Microsoft said it had so far only found attacks against version 7 of Internet Explorer, the world's most popular web browser, but warned that other versions were 'potentially vulnerable'.
In a security update issued yesterday, the computer giant said: 'We are actively investigating the vulnerability that these attacks attempt to exploit.
'We will continue to monitor the threat environment and update this advisory if this situation changes.'
Microsoft may fix the problem in its regular monthly security update or issue an emergency software patch.
PC Pro magazine's security editor, Darien Graham-Smith, said hackers were always on the look out for new ways to access penetrate computers.
'The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough.
'Every browser is susceptible to vulnerabilities from time to time. It's fine to say 'don't use Internet Explorer' for now, but other browsers may well find themselves in a similar situation,' he said.
From Daily Mail
What is one to do? :searchme: