Computer users were told on Monday night to stop using Microsoft’s hugely popular Internet Explorer web browser after the discovery that it is wide open to hacking attacks.
The discovery of a bug raised concerns that criminals could gain access to bank accounts and private email accounts.
As Microsoft raced fix the flaw, experts said the best solution was to use another browser such as Google’s Chrome or Mozilla Firefox.
The vulnerability is said to affect Internet Explorer versions 6 to 11, representing more than half the global market for desktop computer web browsers. A quarter of computer users in the UK surf the web via Internet Explorer.
Web security experts at the US Department of Homeland Security on Monday night warned that the weakness could lead to ‘the complete compromise’ of an affected computer.
In the UK, the recently established National Computer Emergency Response Team issued similar advice, saying that in addition to considering alternative browsers, computer owners should make sure their antivirus software is current and updated regularly.
The bug is the first high-profile computer threat to emerge since Microsoft stopped providing security updates for Windows XP earlier this month.
It means PCs running the 13-year-old operating system will remain unprotected, even after Microsoft releases updates for newer computers to defend against it.
The bug works by luring victims to a website that corrupts the computer’s memory. This allows hackers to run a program within Internet Explorer which gives them control of the computer.
News of the vulnerability surfaced over the weekend. Cybersecurity software maker FireEye Inc. said a sophisticated group of hackers have been exploiting the bug in a campaign dubbed ‘Operation Clandestine Fox’.
Because the hack uses a corrupted Adobe Flash file to attack the victim’s computer, users can avoid it by turning off Adobe Flash. FireEye explained: ‘Disabling the Flash plugin within Internet Explorer will prevent the exploit from functioning.’
Security experts have long been warning Windows XP users to upgrade to Windows 7 or 8 before Microsoft stopped supporting it at the beginning of this month.
This new threat could be the wake-up call that prompts the estimated 15 to 25 per cent of PC users who still use XP to upgrade.
‘Everybody should be moving off of it now. They should have done it months ago,’ said Jeff Williams, of internet security firm Dell SecureWorks.
Computer expert Roger Kay said he expects several hundred million people running Windows XP to dump those machines for other devices by the end of the year. – Daily Mail