This article is from the source 'bbc' and was first published or seen on . It will not be checked again for changes.
You can find the current article at its original source at http://news.bbc.co.uk/go/rss/-/1/hi/technology/7787445.stm
The article has changed 6 times. There is an RSS feed of changes available.
| Version 4 | Version 5 |
|---|---|
| Microsoft releases fix for IE | Microsoft releases fix for IE |
| (about 10 hours later) | |
| Microsoft has issued a patch to fix a security flaw believed to have affected as many as 10,000 websites. | Microsoft has issued a patch to fix a security flaw believed to have affected as many as 10,000 websites. |
| The flaw in Microsoft's Internet Explorer browser could allow criminals to take control of people's computers and steal passwords. | The flaw in Microsoft's Internet Explorer browser could allow criminals to take control of people's computers and steal passwords. |
| Internet Explorer is used by a majority of computer users and the flaw could affect all versions of it. | |
| However, so far the vulnerability has affected only machines running Internet Explorer 7. | However, so far the vulnerability has affected only machines running Internet Explorer 7. |
| Security update MS08-078 would protect customers from active attacks against Internet Explorer, said the US software giant in a statement accompanying the release of the update. | Security update MS08-078 would protect customers from active attacks against Internet Explorer, said the US software giant in a statement accompanying the release of the update. |
| "This update will be applied automatically to hundreds of millions of customers through automatic updates over the next few days," said Mike Reavey, director of the Microsoft Security Response Center (MSRC). | "This update will be applied automatically to hundreds of millions of customers through automatic updates over the next few days," said Mike Reavey, director of the Microsoft Security Response Center (MSRC). |
| Potential danger | Potential danger |
| According to Rick Ferguson, a senior security adviser at security firm Trend Micro, the flaw has so far been used to steal gaming passwords but more sensitive data could be at risk until the security update is installed. | According to Rick Ferguson, a senior security adviser at security firm Trend Micro, the flaw has so far been used to steal gaming passwords but more sensitive data could be at risk until the security update is installed. |
| MICROSOFT SECURITY ADVICE Change IE security settings to high (Look under Tools/Internet Options)Switch to a Windows user account with limited rights to change a PC's settingsWith IE7 or 8 on Vista turn on Protected ModeEnsure your PC is updatedKeep anti-virus and anti-spyware software up to date "It is inevitable that it will be adapted by criminals. It's just a question of modifying the payload the trojan installs," he said. | MICROSOFT SECURITY ADVICE Change IE security settings to high (Look under Tools/Internet Options)Switch to a Windows user account with limited rights to change a PC's settingsWith IE7 or 8 on Vista turn on Protected ModeEnsure your PC is updatedKeep anti-virus and anti-spyware software up to date "It is inevitable that it will be adapted by criminals. It's just a question of modifying the payload the trojan installs," he said. |
| It is relatively unusual for Microsoft to issue what it calls an "out-of-band" security bulletin and experts are reading the decision to rush out a patch as evidence of the potential danger of the flaw. | It is relatively unusual for Microsoft to issue what it calls an "out-of-band" security bulletin and experts are reading the decision to rush out a patch as evidence of the potential danger of the flaw. |
| Some experts have suggested that users switch browsers until the flaw is fixed. | Some experts have suggested that users switch browsers until the flaw is fixed. |
| Firefox, Opera, Chrome and Apple's Safari system are not vulnerable to this current flaw. | Firefox, Opera, Chrome and Apple's Safari system are not vulnerable to this current flaw. |
| But Graham Cluley, senior consultant with security firm Sophos, said no browser is exempt from problems. | But Graham Cluley, senior consultant with security firm Sophos, said no browser is exempt from problems. |
| "Firefox has issued patches and Apple has too. Whichever browser you are using you have to keep it up to date," he said. | "Firefox has issued patches and Apple has too. Whichever browser you are using you have to keep it up to date," he said. |
| "People have to be prepared and willing to install security updates. That nagging screen asking if you want to update should not be ignored," he said. | "People have to be prepared and willing to install security updates. That nagging screen asking if you want to update should not be ignored," he said. |