Keep up with the news by installing RT’s extension for . Never miss a story with this clean and simple app that delivers the latest headlines to you.

 

Internet Explorer users risk having their computers taken over

Published time: April 28, 2014 18:45
Edited time: April 29, 2014 17:47
Internet Explorer logo

Internet Explorer logo

​A major security flaw affecting several versions of Microsoft’s Internet Explorer web browser was discovered over the weekend, and the percentage of computer users that could be compromised by the exploit is absolutely staggering.

Bill Gates’ Microsoft Corp. announced on Saturday that Internet Explorer versions 6 through 11 are all vulnerable to a glitch that when properly exploited can give hackers remote access to a victim’s computer.

When combined, versions nine through 11 of the browser accounted for 26.25 percent of all web traffic in 2013, security firm FireEye claimed over the weekend. If all vulnerable versions are accounted for, however, then upwards of 56 percent of the browsers currently in use around the world are reportedly in danger of being exploited.

A person with knowledge of the vulnerability may create a fake website that, when visited, allows the hacker to exploit the bug and break into their target’s machine, Microsoft warned.

"An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights," the company advised.

According to FireEye spokesman Vitor De Souza, hackers had already taken advantage of the exploit by targeting unnamed US-based firms that are tied to the defense and financial sectors.

"It's unclear what the motives of this attack group are, at this point,” De Souza told Reuters on Sunday. "It appears to be broad-spectrum intel gathering."

On the official FireEye blog, security experts said that the hacking campaign has been dubbed “Operation Clandestine Fox,” and is consistent with other attacks linked to an advanced persistent threat group that has previously attracted the attention of investigators.

The unknown APT group has had access to "a select number of browser-based 0-day exploits in the past,” FireEye stated, but declined to publish further details.

Microsoft was unable to patch the vulnerability by the time the weekend was over, and the United States government’s Computer Emergency Readiness Team (CERT) issued an alert warning computer users to “consider employing an alternative web browser.”

"We are currently unaware of a practical solution to this problem," Carnegie Mellon's Software Engineering Institute warned in an advisory of its own.

Additionally, news of the vulnerability surfaced only weeks after Microsoft officially retired from offering security patches to its highly popular XP operating system.

"XP users are not safe anymore and this is the first vulnerability that will be not patched for their system," Symantec researcher Christian Tripputi warned.

Comments (6)

 

Neter 30.04.2014 16:15

Internet Explorer?!

Can't even remember when I used it the last time...

 

DoAskDoTell 29.04.2014 15:51

On the other hand, this scare tactic could backfire and motivate more people to diversify now...

shor t-term pain... long-term gain for other options ;D

 

TheTransceiver 29.04.2014 13:24

jeff strehlow 29.04.2014 13:04

Even though Microsft has stopped supporting XP they should fix this bug in XP because it's such a bad bug and many people are still using XP. People using XP should use Firefox instead of the archaic Internet Explorer 8, but many are afraid to make any modifications to their computer system.

  


Try not to be so naive. MS, and all of Jewmerica, would fall to pieces without their intentional, planned obsolescence.

View all comments (6)
Add comment

Authorization required for adding comments

Register or

Name

Password

Show password

Register

or Register

Request a new password

Send

or Register

To complete a registration check
your Email:

OK

or Register

A password has been sent to your email address

Edit profile

X

Name

New password

Retype new password

Current password

Save

Cancel

Follow us

Follow us