Published: Tuesday September 18, 2012 MYT 8:17:00 AM
Security experts warn of bug in Microsoft's Web browser
BOSTON: Computer security experts are urging PC users to temporarily stop browsing the Web with Microsoft Corp's Internet Explorer, saying a newly identified bug in the software makes computers susceptible to attack by hackers.
"Bad guys can use this vulnerability to do bad things to your computer. They can access all the files you have access to on your computer," said Tod Beardsley, an engineering manager with the security firm Rapid7.
In response to a request for comment, Microsoft said in a statement, "We are actively investigating these reports and will take the necessary steps to help protect customers."
In the meantime, security experts said that computer users should avoid Internet Explorer.
"There are other browsers that people can use temporarily until the problem gets fixed. Or they can gamble," said Paul Ferguson, senior threat researcher with Japanese anti-virus software maker Trend Micro Inc.
"Why take the risk? I'd stay the heck away," said Jeff Bardin, chief intelligence officer with Treadstone 71, a cyber security consulting firm.
Eric Romang, a security adviser with e-Business & Resilience Centre, a firm in Luxembourg, discovered the bug on Friday while investigating servers that he suspected were being used by hackers, according to his blog.
Those hackers had figured out a way to infect computers by exploiting the previously unknown vulnerability in Internet Explorer, according to Beardsley.
The hackers could put malicious code onto healthy websites and cause surfers who visited those sites to have their machines infected, Beardsley said.
Internet Explorer was the world's second-most widely used browser last month, with about 33 percent market share, according to StatCounter. It was close behind Google Inc's Chrome browser, which had 34 percent of the market.
Marc Maiffret, chief technology officer of security firm BeyondTrust, said that some businesses may not be able to stop using Internet Explorer because they use applications or sites that are not compatible with Chrome or other options.
He said that such companies might consider making their systems compatible with Chrome - Reuters