Microsoft rushes to fix Internet Explorer browser after attacks; no fix for XP users
Published on Apr 28, 2014 5:51 AM
BOSTON (REUTERS) - Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some United States (US) companies.
Personal computers (PCs) running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 per cent and 25 per cent of the world's PCs still run Windows XP Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 per cent of the PC browser market, according to tech research firm NetMarketShare.
Cybersecurity software maker FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed "Operation Clandestine Fox". FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.
"It's a campaign of targeted attacks seemingly against US-based firms, currently tied to defence and financial sectors," FireEye spokesman Vitor De Souza said via email. "It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."
To continue reading, log in if you are a subscriber
Enjoy 2 weeks of unlimited digital access to The Straits Times. Get your free access now!