No patch available as Internet Explorer hit by critical flaw


No patch available as Internet Explorer hit by critical flaw

Antony Savvas

Microsoft has warned that remote attackers are taking advantage of an unpatched flaw in its Internet Explorer browser to contaminate PCs with a Trojan horse virus.

The company says malicious software that exploits the security flaw is now circulating on the internet. It has advised users to visit the Microsoft website and use its recently launched on-line security scanning tool to decontaminate their systems.

The scanning tool is equipped to detect and remove the recently discovered TrojanDownloader:Win32/Delf.DH virus, said Microsoft.

The bug was originally discovered by industry security experts this spring, and it was originally thought that it could only be used to crash Internet Explorer.

Microsoft has now warned that it can be used to take over users’ machines, alowing remote attackers to execute arbitrary code.

The Trojan horse is downloaded onto users’ machines when they visit malicious websites. As no further user interaction is required to install the bug once they are on the site, the threat is “critical” according to Microsoft’s own classifications. Internet security company Secunia has classed the threat as “extremely critical”.

Microsoft currently has no patch for the threat, but says it is working on one. The company plans to release its next batch of monthly security updates on 13 December.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy