INTERNET BUSINESS NEWS-(C)1995-2006 M2 COMMUNICATIONS LTD

Warnings about a serious vulnerability in the Internet Explorer browser which enables a PC to be hijacked by attackers, have been issued by software company Microsoft.

The flaw, discovered by researcher Adam Thomas, is reportedly based around the way the browser deals with vector graphics, enabling web pages to exploit the problem and install malicious programs onto the user's PC.

Microsoft plans to patch the flaw in its security update due on 10 October, or earlier if warranted, and while it has not yet produced a fix to close the bug, it has provided advice about how to try to avoid falling victim.

Security company Sunbelt Software said the flaw is being exploited on certain porn sites and found attackers installed substantial spyware and other malicious programs during tests on a Windows machine with up to date security updates.

Windows PC users are advised to install anti-virus software and keep it up to date, install a personal firewall, use Windows updates to patch known security holes and not to open suspicious e-mail messages or unexpected attachments.

The US Computer Emergency Response Team (CERT) and the Sans security organisation have also issued warnings about the vulnerability, with CERT stating it is unaware of a practical solution to the problem at present.

((Comments on this story may be sent to info@m2.com))

COPYRIGHT 2006 M2 Communications Ltd.
COPYRIGHT 2006 Gale Group