Wednesday, January 20, 2010

Microsoft to patch hole in Internet Explorer


Microsoft will patch a hole in its Internet Explorer browser that may have allowed Chinese hackers access to human rights activists' e-mail accounts.
The firm normally issues patches at a set time each month but said that the attention the problem had received forced it to move more quickly.
It follows the French and German governments decision to advise citizens to use other browsers.
The bad publicity has allowed rivals such as Firefox to gain market share.
According to web analytics company StatCounter Firefox is now a close second to Internet Explorer (IE) in Europe, with 40% of the market compared to Microsoft's 45% share.
In some markets, including Germany and Austria, Firefox has overtaken IE, the firm said.
Microsoft said it had now decided to act on the security hole.
"Given the significant level of attention this issue has generated, confusion about what customers can do to protect themselves and the escalating threat environment Microsoft will release a security update out-of-band for this vulnerability," said Microsoft's general manager of Microsoft's trustworthy computing security group George Stathakopoulos.
"We take the decision to go out-of-band very seriously given the impact to customers, but we believe releasing an update is the right decision at this time," he said.
He said that the only successful attacks "to date" were against IE 6.
"We continue to recommend customers update to Internet Explorer 8 to benefit from the improved security protection it offers," he said in a security advisory.
Following the high profile attacks on Google, Microsoft admitted that IE was a "weak link" in the attacks.
It said that the vulnerability could allow hackers to remotely run programs on infected machines.
The recent spate of attacks were alleged to have hit more than 30 companies including Google and Adobe.
Google threatened to withdraw from the Chinese market following the attacks.

BBC News


Bookmark and Share