Sponsored By
An organization or individual has paid for the creation of this work but did not approve or review it.

ADVERTISEMENT

ADVERTISEMENT

Microsoft rushes to fix browser bug after attacks

BOSTON - Microsoft Corp. is rushing to fix a bug in its widely used Internet Explorer Web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

BOSTON - Microsoft Corp. is rushing to fix a bug in its widely used Internet Explorer Web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP.

Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

Cybersecurity software maker FireEye Inc. said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed "Operation Clandestine Fox."

FireEye declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.

ADVERTISEMENT

"It's a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors," FireEye spokesman Vitor De Souza said via email. "It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."

He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing, changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.

Related Topics: TECHNOLOGY
What To Read Next
A Sanford doctor says moderate cold exposure could be the boost people need for their day.
Nonprofit hospitals are required to provide free or discounted care, also known as charity care; yet eligibility and application requirements vary across hospitals. Could you qualify? We found out.
Columnist Carol Bradley Bursack explains the differences between Alzheimer's, dementia and other common forms of dementia.
While the United States government gave help to businesses and people, a lack of assistance has left some Chinese citizens angry and destitute.