Microsoft has released a security update for Internet Explorer that closes a gap that allowed attackers to take complete control of a computer.
A new update is also available to Windows XP users, even though Microsoft dropped support for the older operating system last month.
The update went live at 10 a.m. PT Thursday. The company said users with automatic updates enabled don’t need to take any action.
Adrienne Hall, general manager of Microsoft Trustworthy Computing, said in a statement that the company decided to fix the problem quickly for all customers, as it takes the security of its products “incredibly seriously.”
However, she added: “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown.”
Microsoft reported the bug Saturday, saying it was aware of “limited, targeted attacks” and that the vulnerability affected Internet Explorer versions 6 through 11.
Cybersecurity firm FireEye Inc warned in a blog post the same day that a sophisticated group of hackers had exploited the bug to launch attacks on U.S. security and financial companies in a campaign dubbed “Operation Clandestine Fox.”
The U.S., UK and German governments advised computer users on Monday to consider using alternatives to Microsoft’s Explorer browser until Microsoft released a fix.
Source : http://www.cbc.ca/