Serious security flaw found in IE
Users of the world's most common web browser have been
advised to switch to a rival until a serious security flaw has been fixed.
The flaw in Microsoft's Internet Explorer could allow criminals to take
control of people's computers and steal their passwords, internet experts
Microsoft is investigating the problem and preparing an emergency software
patch to resolve it, it says.
Internet Explorer is used by the vast majority of the
world's computer users.
"Microsoft is continuing its investigation of public reports of attacks
against a new vulnerability in Internet Explorer," said the firm in a
security advisory alert about the flaw.
Microsoft says it has detected attacks against version seven of the browser
- its most widely used edition.
But the company warned that other versions were also potentially vulnerable.
As many as 10,000 websites have been compromised since last week to take
advantage of the security flow, said antivirus software maker Trend Micro.
The websites have been mostly serving up programs that steal computer game
passwords, but the flaw could be "adopted by more financially motivated
criminals", a Trend Micro security researcher said on Monday.
PC Pro magazine's security editor, Darien Graham-Smith, said that there was
a virtual arms race going on, with hackers always on the look out for new
"The message needs to get out that this malicious code can be planted on any
web site, so simple careful browsing isn't enough."
"It's a shame Microsoft have not been able to fix this more quickly, but
letting people know about this flaw was the right thing to do. If you keep
flaws like this quiet, people are put at risk without knowing it."
"Every browser is susceptible to vulnerabilities from time to time. It's
fine to say 'don't use Internet Explorer' for now, but other browsers may
well find themselves in a similar situation," he added.