Microsoft was to release an emergency patch yesterday to fix a perilous software flaw allowing hackers to hijack Internet Explorer (IE) browsers and take over computers.
The US software giant said on Tuesday that in response to “the threat to customers” it immediately mobilized security engineering teams worldwide to deliver a software cure “in the unprecedented time of eight days.”
Researchers at software security firm Trend Micro say attacks based on the vulnerability in the world’s most popular Web browser are “spreading like wildfire” with millions of computers already compromised.
Microsoft typically releases patches for its software on the second on Tuesday of each month and rushing this fix to computer users out-of-cycle is testimony to the severe danger of the threat, according to Trend Micro.
“When the patch is released people should run, not walk, to get it installed,” said Trend Micro advanced threat researcher Paul Ferguson.
“This vulnerability is being actively exploited by cyber-criminals and getting worse every day,” he said.
Trend Micro has identified about 10,000 Web sites that have been infected with malicious software that can be surreptitiously slipped into visitors’ unprotected IE browsers to take advantage of the flaw.
“What makes this so insidious it takes advantage of a big gaping hole of IE, which has the largest install base of any browser on the market,” Ferguson said.
IE is used on nearly three-quarters of the world’s computers, industry statistics from last month showed.
Microsoft’s move came one day after Cisco issued a report saying armies of hijacked computers are flooding the world with spam as hackers devise slicker ways to take over unwitting people’s machines.
Virus-infected computers are woven into “botnets” used to attack more machines and to send specious sales pitches to e-mail addresses in low-cost quests to bilk readers out of cash.
“Every year we see threats evolve as criminals discover new ways to exploit people, networks and the Internet,” Cisco chief security researcher Patrick Peterson said.
This year, botnets were used to inject an array of legitimate Web sites with an IFrames malicious code that reroutes visitors to Web sites that download computer viruses into their machines, Cisco said.
The Philippines yesterday said its coast guard would acquire 40 fast patrol craft from France, with plans to deploy some of them in disputed areas of the South China Sea. The deal is the “largest so far single purchase” in Manila’s ongoing effort to modernize its coast guard, with deliveries set to start in four years, Philippine Coast Guard Commandant Admiral Ronnie Gil Gavan told a news conference. He declined to provide specifications for the vessels, which Manila said would cost 25.8 billion pesos (US$440 million), to be funded by development aid from the French government. He said some of the vessels would
CARGO PLANE VECTOR: Officials said they believe that attacks involving incendiary devices on planes was the work of Russia’s military intelligence agency the GRU Western security officials suspect Russian intelligence was behind a plot to put incendiary devices in packages on cargo planes headed to North America, including one that caught fire at a courier hub in Germany and another that ignited in a warehouse in England. Poland last month said that it had arrested four people suspected to be linked to a foreign intelligence operation that carried out sabotage and was searching for two others. Lithuania’s prosecutor general Nida Grunskiene on Tuesday said that there were an unspecified number of people detained in several countries, offering no elaboration. The events come as Western officials say
Hundreds of thousands of Guyana citizens living at home and abroad would receive a payout of about US$478 each after the country announced it was distributing its “mind-boggling” oil wealth. The grant of 100,000 Guyanese dollars would be available to any citizen of the South American country aged 18 and older with a valid passport or identification card. Guyanese citizens who normally live abroad would be eligible, but must be in Guyana to collect the payment. The payout was originally planned as a 200,000 Guyanese dollar grant for each household in the country, but was reframed after concerns that some citizens, including
A plane bringing Israeli soccer supporters home from Amsterdam landed at Israel’s Ben Gurion airport on Friday after a night of violence that Israeli and Dutch officials condemned as “anti-Semitic.” Dutch police said 62 arrests were made in connection with the violence, which erupted after a UEFA Europa League soccer tie between Amsterdam club Ajax and Maccabi Tel Aviv. Israeli flag carrier El Al said it was sending six planes to the Netherlands to bring the fans home, after the first flight carrying evacuees landed on Friday afternoon, the Israeli Airports Authority said. Israeli Prime Minister Benjamin Netanyahu also ordered
RSS