Microsoft Rushes To
Fix Major Internet Explorer Security Flaw
Reuters
| by Jim Finkle from Reuters
Posted: 04/27/2014 7:00
pm EDT Updated: 04/27/2014 7:00 pm EDT
BOSTON, April 27 (Reuters) - Microsoft Corp
is rushing to fix a bug in its widely used Internet Explorer web browser after
a computer security firm disclosed the flaw over the weekend, saying hackers
have already exploited it in attacks on some U.S. companies.
PCs running Windows XP will not receive any
updates fixing that bug when they are released, however, because Microsoft
stopped supporting the 13-year-old operating system earlier this month.
Security firms estimate that between 15 and 25 percent of the world's PCs still
run Windows XP
Microsoft disclosed on Saturday its plans
to fix the bug in an advisory to its customers posted on its security website,
which it said is present in Internet Explorer versions 6 to 11. Those versions
dominate desktop browsing, accounting for 55 percent of the PC browser market,
according to tech research firm NetMarketShare.
Cybersecurity software maker FireEye Inc
said that a sophisticated group of hackers have been exploiting the bug in a
campaign dubbed "Operation Clandestine Fox."
FireEye, whose Mandiant division helps
companies respond to cyber attacks, declined to name specific victims or
identify the group of hackers, saying that an investigation into the matter is
still active.
"It's a campaign of targeted attacks
seemingly against U.S.-based firms, currently tied to defense and financial
sectors," FireEye spokesman Vitor De Souza said via email. "It's
unclear what the motives of this attack group are, at this point. It appears to
be broad-spectrum intel gathering." He declined to elaborate, though he
said one way to protect against them would be to switch to another browser.
Microsoft said in the advisory that the
vulnerability could allow a hacker to take complete control of an affected
system, then do things such as viewing changing, or deleting data, installing
malicious programs, or creating accounts that would give hackers full user
rights.
FireEye and Microsoft have not provided
much information about the security flaw or the approach that hackers could use
to figure out how to exploit it, said Aviv Raff, chief technology officer of
cybersecurity firm Seculert.
Yet other groups of hackers are now racing
to learn more about it so they can launch similar attacks before Microsoft
prepares a security update, Raff said.
"Microsoft should move fast," he
said. "This will snowball."
Still, he cautioned that Windows XP users
will not benefit from that update since Microsoft has just halted support for
that product.
The software maker said in a statement to
Reuters that it advises Windows XP users to upgrade to one of two most recently
versions of its operating system, Windows 7 or 8.
============================================
In addition to this blog, I have authored the premiere book on Netiquette, " Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ Rider University and PSG of Mercer County, NJ.
Great Reasons for Purchasing Netiquette IQ
===========================================
.jpg)
============================================
In addition to this blog, I have authored the premiere book on Netiquette, " Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
If you would like to listen to experts in all aspects of Netiquette and communication, try my radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ Rider University and PSG of Mercer County, NJ.
Great Reasons for Purchasing Netiquette IQ
· Get more email opens. Improve 100% or more.
· Receive more responses, interviews, appointments, prospects and sales.
· Be better understood.
· Eliminate indecision.
· Avoid being spammed 100% or more.
· Have recipient finish reading your email content.
· Save time by reducing questions.
· Increase your level of clarity.
· Improve you time management with your email.
· Have quick access to a wealth of relevant email information.
Enjoy most of what you need for email in a single book.===========================================
No comments:
Post a Comment