Watch LIVE

Here's the Internet Explorer 'Fast Spreading' Malicious Bug You Need to Know About


"...a small number of targeted attacks."

(Image: Microsoft)

BERLIN (TheBlaze/AP) -- Of the many Web browsers available to conduct your daily online activity, do you use Internet Explorer? If so, a German government agency overseeing IT safety is warning of a security breach in Microsoft's browser and recommending people use a different one until the problem is fixed.

The browser's "weak point is already being used for targeted attacks," the Federal Office for Information Security warned, adding that the code behind the attack is freely available online and might therefore spread rapidly.

A spokesman for Microsoft Corp. said Tuesday the company is aware of the issue and is working on soon rolling out a software update, a so-called patch, to fix the browser's security features.

"This is not a massive problem. There have been only a small number of targeted attacks," said spokesman Thomas Baumgaertner. He could not provide a figure of the number of attacks recorded so far.

Still, with the browser being used by hundreds of millions of consumers and workers around the world, the German agency that a "fast spreading of the code has to be feared."

In its warning published late Monday, Germany's IT watchdog called on people using Windows XP or Windows 7 operating systems and Internet Explorer versions 7, 8 or 9 to switch to alternative browsers until Microsoft updates the browser's security features.

Attackers lure users to an infected website, for example through an emailed link. Visiting the website then allows hackers to introduce codes to take control of the user's computer, the BSI agency said.

Baumgaertner noted that people should always be vigilant when clicking on links from unknown sources. He also added that many antivirus programs might already be updated to protect their users against attacks through the browser loophole.

Reuters reports the vulnerability was identified late las week when a security researcher was evaluating a computer server that launched a cyberattack -- the Nitro attack -- last year on chemical and defense companies:

Network security firm AlienVault said on Tuesday it has discovered three other servers that host malicious websites that exploit the newly found Internet Explorer vulnerability.

Jaime Blasco, manager of AlienVault Labs, said he found evidence suggesting they targeted defense contractors. As an example, he said he found a related virus on a site that provides news on India's defense sector.

"It seems that these guys are behind big targets," he said.

In addition to using an alternative browser while Microsoft updates its system, Reuters reports the company recommending users download the Enhanced Mitigation Experience Toolkit as a protective measure. This download can be found on Microsoft's website here.

Microsoft states that a downloadable fix for the problem will be released in the next few days.


Most recent
All Articles