Microsoft has warned about a flaw on the Internet Explorer browser that could allow hackers to take control of unprotected computers.
The bug allows hackers to inject malware onto any system if they manage to trick users into visiting booby-trapped websites. Anyone with Internet Explorer (IE) 6 to 8 is potentially affected.
The code to exploit the bug has already been published. The computer giant said there was no evidence it was being used yet by criminals but they were “investigating” and working on a permanent fix, reports the Daily Mail.
The bug targets how the browser manages a computer's memory when it is processing Cascade Style Sheets — which are design instructions that determine how most web pages look.
Hackers can inject their own code into the stream of instructions and in this way hijack the PC.
Although Microsoft has improved how memory management is protected, it does not work when some older parts of Windows are called on.
The bug first came to light on the seclists.org full disclosure mailing list earlier this month.
No comments:
Post a Comment