Microsoft warns on previously unseen IE bug

Iran confirms that a trojan attack has been found on some of its computer systems Major zero-day bugs are rare

Related Stories

Microsoft has released a temporary software fix for a newly discovered bug in its Internet Explorer web browser.

The problem, which affects hundreds of millions of IE browser users, is being used by attackers to install the Poison Ivy trojan.

This piece of malware is used to steal data or take remote control of PCs.

Microsoft moved quickly to address the issue. In a blog post, it said that it was "working to develop a security update".

So-called zero-day, or newly discovered, vulnerabilities are rare. According to security firm Symantec, only eight such bugs were spotted in 2011.

Symantec research manager Liam O Murchu said they were dangerous to users because they were new.

"Any time you see a zero-day like this, it is concerning.

"There are no patches available. It is very difficult for people to protect themselves."

Alternative browsers

The flaw was spotted by Luxembourg-based security expert Eric Romang, when his PC was infected by Poison Ivy last week.

Microsoft told users to download a free patch, the Enhanced Mitigation Experience Toolkit, as a temporary solution while the company continued to work on a long-term fix.

But experts warned the new software must be downloaded and manually configured, making it cumbersome for many ordinary users.

Some advised users to switch to alternative browsers, such as Google's Chrome or Mozilla's Firefox while the bug was being fixed.

It is expected that producing a proper update will take about a week.

More on This Story

Related Stories

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.