News

You have probably all heard by now the security hole in Internet Explorer.  We strongly suggest that you update all of your browsers to ensure that you are not adversely affected.  Please Contact Us if you would like us to do this for you.

MICROSOFT today released an emergency software patch for its Internet Explorer web browser after a critical flaw in the program put millions of computers at risk of being hijacked.

Microsoft said it was imperative users patch their systems as soon as possible because the flaw in Internet Explorer could be armed to hijack computers for nefarious uses.

"There is no need for people to be tricked into clicking a link or download a file, the nature of the vulnerability means the malicious program loads by stealth," said Adam Biviano, alliance manager of software security vendor Trend Micro.

Once a computer is infected, hackers can take control of it to steal personal data, install Trojans or viruses, or use machines for devious activities such as attacks on other networks, Microsoft said.

While Trend Micro described the spread of the exploit like "wildfire" with millions of computers already compromised, Microsoft Australia's strategic security adviser Stuart Strathdee downplayed the number of infected users.

"Locally, the threat is quite small and few Australian customers have been impacted by this," he said.

Mr Strathdee said the majority of reported infections occurred in mainland China where the threat originated from early last week. The exploit then spread to Taiwan where a major internet portal was among websites unknowingly tainted with malicious software.

The exploit has since spread to put users from all over the globe at risk.

Security firm Sophos said it was difficult to determine the number of websites that were targeting the Internet Explorer flaw.

“While it’s impossible to say how many websites contain this particular Internet Explorer exploit, our Sophos Labs find an average of nearly 20,000 newly infected web links like this each day, every day,” Sophos head of technology, Asia Pacific, Paul Ducklin said.

Due to the severity of the threat Microsoft’s worldwide security engineering teams worked to develop the software cure for the Internet Explorer exploit in record time.

Internet Explorer’s popularity as the world’s most used web browser, with a market share just over 70 per cent, also expedited the release of the fix.

Microsoft usually releases patches for its software on the second Tuesday of each month but rushed this fix to computer users within eight days.

Sophos’s Mr Ducklin said the best protection against this particular Internet Explorer exploit was to install the Microsoft patch as soon as possible.

“The price of freedom is eternal vigilance and if you’re not taking care to patch your computer then you can be sure that the bad guys are looking for a way to use the holes you’ve left against you,” Mr Ducklin said.

Microsoft advises users to go to http://www.microsoft.com.au/security to download the latest Internet Explorer patch.