Microsoft was to release an emergency patch yesterday to fix a perilous software flaw allowing hackers to hijack Internet Explorer (IE) browsers and take over computers.
The US software giant said on Tuesday that in response to “the threat to customers” it immediately mobilized security engineering teams worldwide to deliver a software cure “in the unprecedented time of eight days.”
Researchers at software security firm Trend Micro say attacks based on the vulnerability in the world’s most popular Web browser are “spreading like wildfire” with millions of computers already compromised.
Microsoft typically releases patches for its software on the second on Tuesday of each month and rushing this fix to computer users out-of-cycle is testimony to the severe danger of the threat, according to Trend Micro.
“When the patch is released people should run, not walk, to get it installed,” said Trend Micro advanced threat researcher Paul Ferguson.
“This vulnerability is being actively exploited by cyber-criminals and getting worse every day,” he said.
Trend Micro has identified about 10,000 Web sites that have been infected with malicious software that can be surreptitiously slipped into visitors’ unprotected IE browsers to take advantage of the flaw.
“What makes this so insidious it takes advantage of a big gaping hole of IE, which has the largest install base of any browser on the market,” Ferguson said.
IE is used on nearly three-quarters of the world’s computers, industry statistics from last month showed.
Microsoft’s move came one day after Cisco issued a report saying armies of hijacked computers are flooding the world with spam as hackers devise slicker ways to take over unwitting people’s machines.
Virus-infected computers are woven into “botnets” used to attack more machines and to send specious sales pitches to e-mail addresses in low-cost quests to bilk readers out of cash.
“Every year we see threats evolve as criminals discover new ways to exploit people, networks and the Internet,” Cisco chief security researcher Patrick Peterson said.
This year, botnets were used to inject an array of legitimate Web sites with an IFrames malicious code that reroutes visitors to Web sites that download computer viruses into their machines, Cisco said.
Seven people sustained mostly minor injuries in an airplane fire in South Korea, authorities said yesterday, with local media suggesting the blaze might have been caused by a portable battery stored in the overhead bin. The Air Busan plane, an Airbus A321, was set to fly to Hong Kong from Gimhae International Airport in southeastern Busan, but caught fire in the rear section on Tuesday night, the South Korean Ministry of Land, Infrastructure and Transport said. A total of 169 passengers and seven flight attendants and staff were evacuated down inflatable slides, it said. Authorities initially reported three injuries, but revised the number
‘BALD-FACED LIE’: The woman is accused of administering non-prescribed drugs to the one-year-old and filmed the toddler’s distress to solicit donations online A social media influencer accused of filming the torture of her baby to gain money allegedly manufactured symptoms causing the toddler to have brain surgery, a magistrate has heard. The 34-year-old Queensland woman is charged with torturing an infant and posting videos of the little girl online to build a social media following and solicit donations. A decision on her bail application in a Brisbane court was yesterday postponed after the magistrate opted to take more time before making a decision in an effort “not to be overwhelmed” by the nature of allegations “so offensive to right-thinking people.” The Sunshine Coast woman —
BORDER SERVICES: With the US-funded International Rescue Committee telling clinics to shut by tomorrow, Burmese refugees face sudden discharge from Thai hospitals Healthcare centers serving tens of thousands of refugees on the Thai-Myanmar border have been ordered shut after US President Donald Trump froze most foreign aid last week, forcing Thai officials to transport the sickest patients to other facilities. The International Rescue Committee (IRC), which funds the clinics with US support, told the facilities to shut by tomorrow, a local official and two camp committee members said. The IRC did not respond to a request for comment. Trump last week paused development assistance from the US Agency for International Development for 90 days to assess compatibility with his “America First” policy. The freeze has thrown
TESTING BAN: Satellite photos show a facility in the Chinese city of Mianyang that could aid nuclear weapons design and power generation, a US researcher said China appears to be building a large laser-ignited fusion research center in the southwestern city of Mianyang, experts at two analytical organizations said, a development that could aid nuclear weapons design and work exploring power generation. Satellite photos show four outlying “arms” that would house laser bays, and a central experiment bay that would hold a target chamber containing hydrogen isotopes the powerful lasers would fuse together, producing energy, said Decker Eveleth, a researcher at US-based independent research organization CNA Corp. It is a similar layout to the US$3.5 billion US National Ignition Facility (NIF) in northern California, which in 2022 generated
RSS