Emergency Patch for IE Flaw Released

Microsoft released an emergency patch on Wednesday in order to fix a serious security flaw plaguing the Internet Explorer (IE) browser that allows hijackers to take over the computers of susceptible computers. There are currently over 2 million computers that have been infected with the security flaw.

Due to the serious threat this flaw poses to IE users, Microsoft announced on Tuesday that they immediately gathered their security engineering teams in order to find a fix for this flaw “in the unprecedented time of eight days.”

The flaw is given a critical rating and affects all IE versions but specifically the Windows 2000 for IE 5.01: XP, XP Professional, Server 2003 for IE 6; and XP, Server 2003, Vista, Server 2008 for IE 7 versions.

This security flaw lures IE users to enter a malicious website filled with malware. The infected computer then becomes susceptible to be attacked by hackers which steal private data like the user’s passwords. As of now, the flaw is believed to be used primarily for obtaining gaming passwords which used for black market sales. However, this could be further exploited to steal more important information such as banking passwords.

Trend Micro has already detected 10,000 websites filled with malicious malware.

Paul Ferguson, Trend Micro’s advanced threat researcher said: “When the patch is released people should run, not walk, to get it installed. This vulnerability is being actively exploited by cyber-criminals and getting worse every day.”

This security patch can be used for all versions of Internet Explorer.