0 Members and 1 Guest are viewing this topic.
Microsoft has warned consumers that a vulnerability in its Internet Explorer browser could let hackers gain access and user rights to their computer. The flaw affects Internet Explorer (IE) versions 6 to 11 and Microsoft said it was aware of "limited, targeted attacks" to exploit it. According to NetMarket Share, the IE versions account for more than 50% of global browser market. Microsoft says it is investigating the flaw and will take "appropriate" steps. The firm, which issued a security advisory over the weekend, said the steps "may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs".XP impact However, the issue may be of special concern to people still using the Windows XP operating system. That is because Microsoft ended official support for that system earlier this month. It means there will be no more official security updates and bug fixes for XP from the firm. Microsoft has suggested businesses and consumers still using the system should upgrade to a newer alternative.Cyber security firm Symantec said it had carried out tests which confirmed that "the vulnerability crashes Internet Explorer on Windows XP". "This will be the first zero day vulnerability that will not be patched for Windows XP users," it added. About 30% of all desktops are thought to be still running Windows XP and analysts have previously warned that those users would be vulnerable to attacks from cyber-thieves.'Complete control' Microsoft said that hackers looking to exploit the flaw could host a "specially crafted website" containing content that can help them do so. However, they would still need to convince users to view the website for them to be able to gain access to their computer. They could do this by getting them to click on a link sent via an email or instant messenger, or by opening an attachment sent through an email. But the firm added that Internet Explorer on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 runs in a restricted mode, which "mitigates this vulnerability".However, a hacker would have "no way to force users" to view the content. If successful, a hacker could gain the same rights as the computer's current user. "If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system," the firm warned. "An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
The Australian, British and US governments have advised computer users to use alternatives to Microsoft's Internet Explorer browser until the company fixes a security flaw that hackers used to launch attacks.The Internet Explorer bug, disclosed over the weekend, is the first high-profile computer threat to emerge since Microsoft stopped providing security updates for Windows XP earlier this month. That means PCs running the 13-year-old operating system will remain unprotected, even after Microsoft releases updates to defend against it. Until Microsoft does fix the flaw, versions 6 to 11 of Internet Explorer remain vulnerable across all operating systems.The Department of Homeland Security's US Computer Emergency Readiness Team said in an advisory that the vulnerability could lead to "the complete compromise" of an affected system.AdvertisementThe Australian government's Stay Smart Online alert service said users could deploy two different types of temporary fixes as suggested by Microsoft. But it said a simpler alternative was to download and install a different browser such as Google Chrome or Mozilla Firefox.The recently established UK National Computer Emergency Response Team issued similar advice to British computer users, saying that in addition to considering alternative browsers, they should make sure their anti-virus software is current and regularly updated."An attacker who successfully exploited this vulnerability could take complete control of an affected system," Microsoft said in a security advisory."An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
Now that XP has reached its end of life you can save yourself some further headaches by not using adobe products