Browser flaw seen on porn sites

Microsoft has issued warnings about a serious flaw in Internet Explorer that allows attackers to hijack a PC via the popular browser. Security firm Sunbelt Software said the vulnerability was being actively exploited on some porn websites. So far there is no fix to close the bug in the browsing program but Microsoft has issued advice about how to avoid falling victim. It said it would patch the bug in its next security update due on 10 October. Researcher Adam Thomas uncovered the exploit which revolves around the way that the Internet Explorer browser handles a particular form of graphics known as vector graphics. A properly crafted webpage can exploit this problem and install almost anything they want on the target machine. Unusable PC Tests by Sunbelt Software on a Windows machine patched with all the latest security updates showed attackers installing a huge amount of spyware and other malicious programs. Any Windows PC suffering such an infection would become unusable. Following the discovery of the bug, Microsoft issued a formal alert that tells users how to avoid falling victim while a patch is being prepared. Microsoft said the patch would be ready for the next monthly security update on 10 October. However, it said it would release the patch earlier if the situation warrants it. Warnings also followed from the US Computer Emergency Response Team and the Sans security organisation. In its alert Cert said: "We are currently unaware of a practical solution to this problem." No responsibility can be taken for the content of external Internet sites.

print this article

Return to internet news headlines
View Internet News Archive

Share with: