- Title: UK: Microsoft issues Internet Explorer security alert
- Date: 17th December 2008
- Summary: CLOSEUP OF INTERNET EXPLORER 7 WEB PAGE
- Embargoed: 1st January 2009 12:00
- Keywords:
- Topics: Communications
- Reuters ID: LVA59XPEXYLFBLXA6MMQ5B2WMMCK
- Story Text: Computer expert urges Internet users to find alternative web browser after Microsoft admit security threat to Internet Explorer.
Internet users should avoid Microsoft's Internet Explorer, working with other browsers to avoid a security loophole, an IT expert said on Tuesday (December 16).
The software contains a security gap that effectively allows criminals to hijack a user's computer and use it however they wish.
Microsoft said an initial investigation had shown "limited" attacks were targeting customers using Internet Explorer 7, but added that the vulnerability affected all currently supported versions of the programme.
Rik Ferguson, senior security advisor at Trend Micro, an anti-virus software producer, said that there was currently no protection available for the programme.
"Unfortunately there is no patch available for this vulnerability.
What that means to the end user is that if they browse to a website that is hosting a malicious script they can, invisibly, be forced to download malware which contains a trojan which will then download further malware to steal their personal information," he added.
Ferguson said all variants of Internet Explorer were at risk.
"It's a very serious threat, it affects all versions of Internet Explorer on all versions of Microsoft Windows and as I say, because there is no patch available, there is no mitigation available from Microsoft for that," Ferguson said.
"What people should do to protect themselves, if they can they should avoid using Internet Explorer, switch to an alternative browser," he added.
The software giant said it was providing information and advice on its website, and while monitoring the threat landscape, would take action against malicious websites that attempt to exploit the vulnerability.
Ferguson outlined the risk.
"They could be infected with a programme that will send spam from their computer, they could be used to host illicit websites. I guess in a worst case scenario you could imagine that someone's computer could be used against their will to host a child pornography website," he said.
"Once you have a trojan on your machine and your machine is connected to a command and control infrastructure under the command of cyber criminals, they really can use your resources to do anything that they want, steal your information, attack other people, send spam," he added.
Microsoft encourages customers to follow the "Protect Your Computer" guidance of enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software. - Copyright Holder: REUTERS
- Copyright Notice: (c) Copyright Thomson Reuters 2011. Open For Restrictions - http://about.reuters.com/fulllegal.asp
- Usage Terms/Restrictions: Video restrictions: parts of this video may require additional clearances. Please see ‘Business Notes’ for more information.