Comments
Microsoft has found a security flaw in its popular web browser — Internet Explorer — which could allow hackers to gain control of a computer, and there have already been targeted attacks to exploit the bug.
The risk from the flaw could allow hackers to gain control of a victim’s computer and Microsoft admitted there had already been “limited, targeted attacks” to exploit it.
Microsoft said the bug affects Internet Explorer (IE) versions 6 to 11 and that the firm is investigating the flaw and will take “appropriate” steps, the ‘BBC News’ reported.
The US software giant, which issued a security advisory over the weekend, said the steps “may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs“.
The issue may be of special concern to people still using the Windows XP operating system because Microsoft ended its official support for that system earlier this month.
“The vulnerability crashes Internet Explorer on Windows XP,” said Cyber security firm Symantec that carried out tests to confirmed the risk.
According to Microsoft, hackers looking to exploit the flaw could host a “specially crafted website” containing content that can help them do so, the report said.
They could trap users into clicking on a link sent via an email or instant messenger, or by opening an attachment sent through an email.
In case they are successful, hackers could gain the same rights as the computer’s current user.
“If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system,” Microsoft warned.
“An attacker could then install programmes; view, change, or delete data; or create new accounts with full user rights,” the firm said.
The IE versions account for more than 50 per cent of global browser market, according to NetMarket Share.
Earlier this month, the Heartbleed bug, had set alarm bells ringing across the globe, including in India, for fear of exposing millions of passwords, credit card numbers and other sensitive information to hackers.
Comments
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.