Noticed this earlier on the
Sky News Site
Microsoft will rush out an emergency fix for its Internet Explorer (IE) software after the discovery of a flaw which allows hackers to take over PCs.
The flaw allows Internet Explorer to be directed to infected websites
The company says it will release a patch for the web browser today, rather than waiting for its regular security update next month.
The flaw was discovered last week and attacks are "spreading like wildfire", according to software security firm Trend Micro.
The company's senior security adviser Rik Ferguson told Sky News Online: "It's a flaw that affects every version of Explorer on all versions of Windows.
"The main problem is that there isn't a patch available, so it is very widespread."
Mr Ferguson explained that many cyber criminals operate by using malware - software that is installed on people's computers without them knowing.
The software can then run in the background and connect to servers elsewhere, giving it the potential to detect and then pass on confidential information.
He explained that many pieces of malware are 'injected' onto websites across the world, often by cybercriminals who install them by using sign-up forms or other methods of interacting with a website.
The malware then runs a piece of Javascript that can detect when the site is being accessed on Explorer, and it then activates and downloads the malicious software.
Trend Micro believes as many as 10,000 sites have already been compromised, though Mr Ferguson said it is impossible to know how many might have been hit.
His advice is to switch to another browser until the patch is released, as the malicious code only activates when it detects Explorer.
Microsoft has rejected this advice and instead recommends putting security settings at high and turning Vista onto protected mode.
Mr Ferguson said: "All of their solutions are going to make browsing less attractive, less interactive and a lot less normal."
John Curran, head of Microsoft's Windows commercial business group in the UK, said: "Obviously when you are talking about a customer base of over one billion people, any amount of vulnerability is too much and any type of infection is going to see a large number of people affected by it."
He added the flaw was primarily being exploited in China, where it has been used to steal passwords from gamers.
Concerned users should click
here for the latest advice from Microsoft.
Bookmarks