The US Department of Homeland Security is advising citizens
to use alternatives to Microsoft's Internet Explorer web browser until the
company fixes a security flaw that hackers have used to launch attacks.
The United States Computer Emergence Readiness Team
(US-CERT) said in an advisory that the
vulnerability in versions 6 to 11 of Internet Explorer "could lead to the
complete compromise of an affected system".
Microsoft warned customers over the weekend that a
vulnerability in its Internet Explorer browser could allow hackers to gain
access to their computers.
The flaw affects Internet Explorer versions 6 to 11,
representing more than a half of the global desktop browser market, according
to NetMarket Share.
Microsoft said that it was aware of "limited, targeted attacks" that
exploit the flaw.
"An attacker who successfully exploited this
vulnerability could take complete control of an affected system. An attacker
could then install programs; view, change, or delete data; or create new
accounts with full user rights," the company said in a security advisory.
Microsoft said it is taking appropriate action to protect
its customers, which may include issuing a security patch, either through its
monthly security update release process or as a one-off update.
However, people still using Windows XP will not benefit
from a security patch, as Microsoft stopped supporting the
13-year-old operating system earlier this month.
Cyber security firm Symantec said it had carried out tests
that confirmed the vulnerability crashes Internet Explorer on Windows XP.
"This will be the first zero day vulnerability that will not be patched
for Windows XP users," it said.
Recent research from software company AppSense suggests
that as much as 77 per cent of British businesses are
running Windows XP in some capacity beyond the end of support deadline – including
around half of the UK’s councils and large swathes of the NHS.
"Such organisations could be impacted by further
exploits to this vulnerability as malware creators take further advantage of
this security hole which will remain open," said Simon Townsend, chief
technologist of Europe at AppSense.
"By using an unsupported platform, organisations are
taking a very real risk in terms of data security, as highlighted by this
exploit, and need to either move off XP or strictly control user rights and
application usage."
For users of later versions of Microsoft Windows, Symantec
encourages users to temporarily switch to a different web browser until a patch
is made available.
SOURCE: Telegraph
previous article
Newer Post
No comments
Post a Comment