News

No patch available as Internet Explorer hit by critical flaw

Antony Savvas

Microsoft has warned that remote attackers are taking advantage of an unpatched flaw in its Internet Explorer browser to contaminate PCs with a Trojan horse virus.

The company says malicious software that exploits the security flaw is now circulating on the internet. It has advised users to visit the Microsoft website and use its recently launched on-line security scanning tool to decontaminate their systems.

The scanning tool is equipped to detect and remove the recently discovered TrojanDownloader:Win32/Delf.DH virus, said Microsoft.

The bug was originally discovered by industry security experts this spring, and it was originally thought that it could only be used to crash Internet Explorer.

Microsoft has now warned that it can be used to take over users’ machines, alowing remote attackers to execute arbitrary code.

The Trojan horse is downloaded onto users’ machines when they visit malicious websites. As no further user interaction is required to install the bug once they are on the site, the threat is “critical” according to Microsoft’s own classifications. Internet security company Secunia has classed the threat as “extremely critical”.

Microsoft currently has no patch for the threat, but says it is working on one. The company plans to release its next batch of monthly security updates on 13 December.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy