Further IE security flaw warnings

Computer experts are warning surfers that use Microsoft's Internet Explorer browser of a flaw which could be exploited for "serious mayhem".

>>Emergency IE patch coming

The security problem, which first surfaced last week, allows cybercriminals to steal passwords from hijacked computers.

Trend Micro, a security software firm, said that as many as 10,000 sites have already been compromised and could pose a risk to surfers using IE to view them.

So far the websites, the majority of which are Chinese, have been used to steal computer game passwords which are sold on the black market.

Paul Ferguson, a security researcher with Trend Micro, said there were major concerns that the problem could be exploited by "financially-motivated criminals for more serious mayhem".

Writing in Microsoft's Threat Research and Response blog, Ziv Mador and Tareq Saade said: "Based on our stats, since the vulnerability has gone public, roughly 0.2 per cent of users worldwide may have been exposed to websites containing exploits of this latest vulnerability."

>>Security advice and help from Web User

They added that the number of infected sites has been growing. Pornography sites have also been targeted.

In a security update issued on Monday, the computer giant said: "We are actively investigating the vulnerability that these attacks attempt to exploit.

"We will continue to monitor the threat and update this advisory if this situation changes," the statement continued.

www.microsoft.com/security

Save up to £16 a year this Christmas when you subscribe to Web User!