17/12/2008 - Browser bug leaves users vulnerable
Internet users are being warned that a security flaw in Microsoft's Internet Explorer web browser has led to the infection of more than two million computers worldwide.
The software giant said the problem begins when web surfers visit infected sites. Once a user's PC is infected, criminals can go on to steal passwords and, potentially, user information.
Anti-virus software producer Trend Micro said as many as 10,000 sites have already been compromised in order for hijackers to take advantage of the flaw in the browser.
So far the websites, mostly based in China, have largely been used to obtain computer game passwords which can be sold on the black market. But the "zero day" vulnerability - so-called because it has not yet been fixed - could be used to steal people's banking and personal details.
Rik Ferguson, Trend Micro's senior security adviser in the UK, said the flaw was of "really high value to the cyber-crime community", adding: "The threat from it is only going to grow. Zero days are unusual - and zero days in the world's most popular browser on the world's most popular operating system are really unusual," he said.
John Curran, head of Microsoft's Windows commercial business group in the UK, said the company was "working around the clock" to fix the problem.
Copyright © Press Association 2008
Related links
|
