Internet Explorer Security Flaw is Identified: Microsoft Says Software Hole Leaves IE Prone to Spyware, Malware

Internet Explorer users are being warned about a flaw in the software that leaves IE users prone to attack from hackers seeking to infect computers with malware and spyware, which is then used to obtain the computer user's passwords, credit card numbers and other personal information.

An notably, on December 17, 2008, Microsoft released a software patch that is now available to repair the Internet Explorer security flaw.

What is the Internet Explorer Software Flaw? What Does this Mean for IE Users?

According to The Washington Post, all versions of Internet Explorer are said to have the software flaw, not just IE 7 as was initially reported by some media outlets. The Internet Explorer software flaw is said to center around the way in which the Internet Explorer processes XML.

Internet and computer security experts are saying that the Internet Explorer security flaw is very serious, as it could give hackers complete access and control over an infected computer and all of the personal information contained within that computer.

During the second week of December, 2008, it's believed that more than 10,000 legitimate websites were targeted and compromised by hackers who installed special code that infects website visitors' computers with spyware and malware. According to WebSense's internet security alert concerning the Internet Explorer 7 Zero Day Attacks as they're termed, "No user interaction is necessary for the exploit to be successful. A computer may become infected by simply visiting a malicious website."

Once the malware or spyware is installed in an Internet Explorer user's computer, hackers can access the user's computer and internet passwords, credit card numbers, bank account information, social security number and all other private information.

How Can I Prevent My Computer From Getting Infected with Viruses, Spyware and Malware?

Internet users must install an Internet Explorer software patch. The IE security patch removes the security flaw that makes internet users vulnerable to attack from malware and spyware.

In addition to monitoring security alerts and software patches issued by Microsoft and Apple, a computer user's best defense against computer viruses, spyware and malware is regular computer checks using Microsoft's Malicious Software Removal Tool (for PCs). Mac users can utilize programs like VirusScan v8.6, MacScan or Norton AntiVirus to keep their computers free of spyware, computer viruses and malware.

Notably, Apple's computers are known to be less prone to attack from hackers and less vulnerable to malware and spyware, though even a Mac is not completely immune.

Microsoft and Apple regularly announce information about security threats, how internet users are affected by these security threats and what internet users can do to avoid becoming a victim.

In addition to releasing a software patch for the Internet Explorer 7 Zero Day Attacks, Microsoft also recently released a patch that repairs two software flaws that "could allow a malicious web site operator, under very unusual conditions, to misrepresent his web site as a trusted site," resulting in the installation of spyware and malware onto the IE user's computer.

The copyright of the article Internet Explorer Security Flaw is Identified in Web Browsers is owned by Mia Carter. Permission to republish Internet Explorer Security Flaw is Identified in print or online must be granted by the author in writing.

Dec 16, 2008 5:41 PM

Guest :

By switching IE in to "high" and "Protected Mode." This will render it useless for most users, this will require the user to accept so many prompts and add sites to their trusted zones just to be able to do various items and work. Personally this is not advisable for an everyday user, Personally i would be suggesting that people start to migrate over to another browser like Firefox or chrome. Microsoft for a long time has proven that every single piece of software they release has a bug or an issue and the commonly used software has even more. What is more common then IE apart from windows? It would be in the best interest for businesses to change to another browser due to the amount of work that is now completed online. The trend in websites now support other browsers and not IE is growing slowly which means that IE will be left behind. If Microsoft took their customers seriously. Their web browser would be able to keep up with others that are made on a smaller budget and supplied free to the world.

Dec 17, 2008 4:08 AM

Yuen Kit Mun :

I use a host-based intrusion prevention program called Online Armor. Commercial product but there is a free version. More technical users can use something like Winpooch (open source program).

These programs can be configured to ask you for permission when an unknown program (not yet registered with the program) tries to run. Good for day zero attacks, when the virus signature isn't known yet.

These are like super firewalls. Firewalls just filter network access. These filter program execution, registry changes, writing to disk.