PDA

View Full Version : Microsoft warning over browser security flaw



redred
02-01-2011, 09:47 AM
Microsoft has issued a "critical" warning over a newly-discovered flaw in Windows.

In a security advisory, the company warned of a loophole that could be used by malicious hackers to steal private information or hijack computers.

The bug potentially affects every user of the Internet Explorer web browser - around 900 million people worldwide.

Microsoft has issued a software patch to defend against attacks, and said it was working to develop a long-term fix.

The security advisory, which was published on Friday, details how the vulnerability can be used to manipulate users and take over their machines.

Although the flaw is actually inside Windows itself, it only appears to affect the way that Internet Explorer handles some web pages and documents.

Microsoft admitted that the problem meant users could easily be fooled into downloading malicious files by doing something as simple as clicking on a web link.

"When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session," wrote Microsoft representative Angela Gunn in a website announcement accompanying the advisory.

Once the computer had been hijacked, hackers could use it to steal personal data or send users to fake websites, she added.

"Such a script might collect user information, e.g e-mail, spoof content displayed in the browser or otherwise interfere with the user's experience."

Although Microsoft said it had seen no evidence that the glitch had already been exploited by hackers, it warned that research had shown it was a serious threat.

And while it has not been able to remove the bug itself, it issued a "fix it" security patch to block any attempts to use it.

All Windows users - particularly those who use Internet Explorer - are being urged to download the fix while the company's security team develop a way to plug the hole permanently.

redred
02-01-2011, 09:48 AM
another reason to stay away from IE?

Teh One Who Knocks
02-01-2011, 11:39 AM
I use IE9 Beta for a few sights and I like the new changes they have made with it so far.

They aren't the only browser constantly issuing security updates ;)

redred
02-01-2011, 11:47 AM
it does seem to be the one in the headlines all the time ,but maybe that down to it being the one that most pc's come with as new

Teh One Who Knocks
02-01-2011, 12:32 PM
Yeah, IE is still for some reason the most widely used browser (probably because it's bundled with the OS and a lot of people are just too lazy to d/l something else). I have a subscription to PC World magazine and every month they go over the updates for the various browsers and although IE usually has the most critical updates needed, FF and Chrome are issuing more security fixes than MS is...those two browsers are popular enough now that people are looking for ways to exploit them just like IE.

redred
02-01-2011, 01:00 PM
speaking of which all my updates have just kicked in 40 of them