July 7, 2009

Microsoft Alerts Users Of Security Flaw

Microsoft Inc has warned users of a security flaw in its Internet Explorer software that could allow hackers to gain access to their machines.

Microsoft on Monday reported of the security flaw that affects users who own machines running Windows XP or Windows Server 2003 software.

"An attacker who successfully exploited this vulnerability could gain the same user rights as the local user," the Redmond, Washington-based software firm said in a statement. "We are aware of attacks attempting to exploit the vulnerability."

In a rare move, Microsoft actually reported of the "zero day" security flaw before providing users with a way to fix the issue.

The company has advised XP and Server 2003 users to disable ActiveX Video Control until it can develop a patch that will solve the issue.

"When the ActiveX control is used in Internet Explorer, the control may corrupt the system state in such a way that an attacker could run arbitrary code," according to Microsoft.

"Microsoft is currently working to develop a security update for Windows to address this vulnerability."

According to the Associated Press, security experts claim that hackers have been exploiting the software's weakness on thousands of Web sites for almost a week.


On the Net: