Microsoft has reported that a security flaw in its Internet Explorer browser could allow hackers to access your personal information especially if you are still using Windows XP.
The bug has been found to affect IE versions 6 through 11 and was found by Microsoft's security company FireEye. The company says that the flaw leaves around 56 percent of the browser market vulnerable to attack. The bug has been classified as a "Zero Day" flaw which gives victims zero warnings before attack.
The flaw is a remote code execution vulnerability which means that a hacker can successfully run software on a victim's computer after attack. Microsoft issued a security alert which said that "the vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. The phrase “arbitrary code” means pretty much any software that the attacker chooses to run."
In short, a hacker could install programs, view and delete data simply by visiting a website that you are running at the same time on your IE.
FireEye has said that a gang of attackers has already launched a campaign exploiting the flaw. Microsoft reported that IE9 through IE11 versions are the worst-hit as the three versions of IE account for almost 26 percent of the web browsers currently in use around the world. The software giant has said that Internet Explorer 10 and 11 are safe from the flaw only if the Enhanced Protected Mode in these browsers is turned on. The company is currently working on fixing the problem and might soon come out with an update.
But in case, you are a Windows XP user, there is more reason to worry as Mircosoft is working on a patch for latest versions of Windows only. The reason is that Microsoft has already ended support for Windows XP earlier this month. The only hope for all you XP users is to install Chrome or Firefox browsers as both of them are still supported on Windows XP.
Source: Microsoft Security TechCenter