A new bug in Internet Explorer web browser has been discovered which makes PCs vulnerable to attack by hackers and urged customers to download a piece of security software to mitigate the risk of infection.
The security flaw affects hundreds of millions of Internet Explorer browser users. Microsoft said attackers can exploit the bug to infect the PC of somebody who visits a malicious website and then take control of the victim’s computer. The company is working on the problem.
As an interim measure, Microsoft makes a available a free security tool, which is known as the Enhanced Mitigation Experience Toolkit, or EMET, at Microsoft’s website as Security Advisory 2757760 : http://blogs.technet.com/b/msrc/
The EMET software must be downloaded, installed and then manually configured to protect computers from the newly discovered threat, according to the posting from Microsoft. The company also advised customers to adjust several Windows security settings to thwart potential attackers, but cautioned that doing so might impact the PC’s usability.
Some security experts said it would be too cumbersome for many PC users to implement the measures suggested by Microsoft. Instead they advised Windows users to temporarily switch from Internet Explorer to rival browsers such as Google Inc’s Chrome, Mozilla’s Firefox or Opera Software ASA’s Opera.
Eric Romang, a researcher in Luxembourg, discovered the flaw in Internet Explorer on Friday, when his PC was infected by a piece of malicious software known as Poison Ivy that hackers use to steal data or take remote control of PCs.
Internet Explorer was the world’s second-most widely used browser last month, with about 33 per cent market share, according to StatCounter. It was close behind Chrome, which had 34 per cent of the market.