Microsoft web browser faces security risk

LONDON - Software giant Microsoft has issued a “critical” alert for millions of people using its web browser Internet Explorer, saying a newly-discovered flaw in the Windows operating system can be exploited by hackers to steal personal details.

The glitch is so severe that it potentially affects every user of Internet Explorer. The company said that hackers can take advantage of the flaw in taking over personal computers of more than 900 million using the web browser.

However, other browsers such as Firefox, Google Chrome and Safari are unaffected by the threat because, unlike Internet Explorer, they don’t support MHTML files, where the problem lies, the Daily Mail reported.

Microsoft said that the bug is inside Windows, presumably because they don’t want users to migrate to other browsers.

This means it affects all versions of the operating system currently supported including Windows XP (SP3), Windows Vista, Windows 7, Windows Server 2003 and Windows Server 2008 (R2).

The company has so far been unable to remove the bug itself and has issued a “fix it” security patch to block any attempts to use it.

All Windows users, particularly those who use Internet Explorer, are being urged to download the patch as the company’s security team work on a way to permanently fix the problem.

The company has described the flaw as a serious threat, although no hackers are thought to have yet exploited the vulnerability.

Microsoft spokeswoman Angela Gunn announced the flaw in a security advisory published online Friday.

“An attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user’s computer for the rest of the current Internet Explorer session,” she was quoted as saying.

“Such a script might collect user information (e.g. email), spoof content displayed in the browser, or otherwise interfere with the user’s experience,” the warning said.