Microsoft Internet Explorer: Company warns security flaw could give hackers 'complete control'

The vulnerability affects versions 6 to 11 of the internet browser

James Vincent
Tuesday 29 April 2014 01:06 EDT
Comments
(REUTERS/Mal Langsdon)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Microsoft has warned users of security flaw in the company’s Internet Explorer browser that could allow hackers to take “complete control” of a user’s computer.

The glitch affects versions 6 to 11 of Internet Explorer, which collectively account for more than 50 per cent of global web traffic.

The company has issued a security advisory regarding the flaw and says that it is currently exploring ways to fix the vulnerability.

“On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs,” wrote the company.

The flaw is particularly hazardous on computers running the recently-discontinued Windows XP operating system. Microsoft ended security support for the 12-year-old software in April, warning users that the lack of updates would put computers running XP at severe risk to hackers and viruses.

Read more: Your guide to surviving the end of XP and upgrading to pastures new

Regarding the newly discovered flaw Microsoft said that it is aware of “limited, targeted attacks” that had taken place, adding that hackers could use a “specially crafted website” to assume control of the user’s computer.

“If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system," warned the company.

"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

The company avoided offering any detail regarding the nature of the flaw, saying only that it existed in "the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated."

It isn't clear whether Microsoft will issue a fix for the flaw for Windows XP users or just for individuals running the more recent Vista, 7 and 8 operating systems.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in