Browser security scare now ‘patched up’
It emerged last week that a security flaw – which was serious enough to make national headline news – has allowed criminals to take over other users’ computers by steering them to infected websites. Without the user doing anything other than arriving at an infected website, malware would be installed on the machine which would then record keystrokes in order to gain sensitive password and credit card information.
Unlike some security scares which are in response to hypothetical scenarios, this security flaw has already been actively exploited, with Microsoft estimating that 1 in 500 Windows users have been exposed to the infected websites.
The issue was flagged up in relation to proven instances with Microsoft’s Internet Explorer 7 browser, but interestingly – although some security experts were suggesting using alternative browsers – the fact that Mozilla have also released patches for Firefox suggests that all browsers may be affected. Mozilla has managed to keep itself out of the spotlight somewhat, but has scheduled updates to “fix critical security vulnerabilities”.
Microsoft is of course attempting to put a positive spin on the whole story by pointing out that it has created a patch in the record time of eight days. In any case, everyone should download the latest patches for their preferred browser and run anti-virus software scans to ensure that there is no malware on their machines.