Microsoft is currently investigating the flaw which has previously been used to steal passwords for computer games by mainly Chinese websites.
Now security experts are warning the flaw, if properly exploited, could result in IE users becoming vulnerable to criminals seeking banking passwords.Around 10,000 computers are estimated to already be affected.
"We are actively investigating the vulnerability that these attacks attempt to exploit," Microsoft said in a statement.
"We will continue to monitor the threat environment and update this advisory if this situation changes."
It is considering an emergency software patch in addition to its monthly updates.
Trend Micro's Paul Ferguson has warned against "serious mayhem" which could occur if financial criminals work out how to use the flaw on a large scale.
Security experts are warning until the problem is resolved users should shift to an alternative browser, such as Mozilla Firefox, Google Chrome or Apple's Safari.
Previous versions of IE are also believed to be affected
Owen Roberts at credit reference agency Call Credit explained IE was mainly targeted as it was the most common browser.
"I use Internet Explorer and on the train to work I read about the problem. My first thought was I am going to change to a new browser when I get home," he said.
He added it was most important to have an up-to-date version of anti-virus software and install all updates from Microsoft.
"It is also commonsense. When shopping or giving credit card details research any new websites and you are usually safe if you stick to sites like Amazon or eBay," Mr Roberts said.
A spokesperson for Barclays said: "The main message is it is enough that customers ensure their PCs have the appropriate internet security and latest version of software and keep it up-to-date.
"Really it is business as usual."
Anyone who is a victim to online fraud should have any losses refunded by their bank or building society – unless they are found to be at fault by giving away details or not having up-to-date virus protection.
A number of banks – including Barclays and RBS – offer free anti-virus software to customers.
No comments:
Post a Comment