Microsoft issues emergency 'Google attack' patch

Tagged: google, Software
Source: Independent Online - Read the full article
Posted: 4 years 35 weeks ago

Seattle - Microsoft on Thursday released a patch to protect users of its Internet Explorer browser from attacks similar to those directed at Google operations in China last week.

The world's largest software company, which said hackers targeting Google and at least 20 other companies in China exploited a weakness in its browser, said its new patch was "critical" and people should apply it as soon as possible.

Other hackers have begun to exploit the flaw, according to researchers with Symantec, the world's biggest security software maker.
Continues Below↓

Symantec has found viruses that take advantage of the weakness in Microsoft's browser on some 100 websites, security researcher John Harrison said on Thursday.

They are dangerous because they can infect the PC of any user who visits those sites. Unlike less powerful viruses, it is not necessary for people to download software for their machines to become infected, Harrison said.

PCs are safe if they apply the patch, which resolves eight vulnerabilities in Internet Explorer, Microsoft said. The most serious could allow hackers to gain control of a computer remotely via websites people visit while using the browser.

"We're always working, we have fewer vulnerabilities than our competitors," said Microsoft Chief Executive Steve Ballmer at an energy conference in Houston, addressing cyber-security concerns.

He gave no indication that Microsoft would change its business in China after Google threatened to quit the country last week. "We respect the laws of China, it's the only appropriate thing for us to do," he said.

The viruses Symantec has found only successfully attack Internet Explorer 6, though hackers could figure out how to break through the defenses of Internet Explorer 7 and 8, the most recent version of the software, Symantec's Harrison said.

Most Internet Explorer customers, who have automatic updating enabled on their systems, will not need to take any action on the security patch, Microsoft said.

For manual updating, it directed users to its website. - Reuters