A vulnerability in Internet Explorer could let hackers take over your computer.
The bug has already been used by hackers to attack some U.S. financial firms, cyber-security software maker FireEye said over the weekend.
Here’s what you need to know to protect yourself:
What versions of Internet Explorer are affected?
Internet Explorer 6 to 11 – that is, all of them. However, according to FireEye, cyberattacks have been targeting Internet Explorer 9 and higher.
How does this bug allow my computer to be attacked?
If you have an affected browser and visit a booby-trapped website, the bug leaves you vulnerable to a “drive-by install.” That means malicious software (malware) can be installed without your knowledge – you don’t have to click on anything.
Once the software is installed, others can take control of your computer.
Typically, Microsoft says, you’d be directed to the website by a link in an email or instant message. The email may appear to come from someone you know and the website may look like a website you normally visit.
Is there a fix?
As of Tuesday, there wasn’t. Microsoft said it is investigating, and will “take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle-security update, depending on customer needs.”
What can I do to protect myself?
- Switch to another web browser, such as Mozilla Firefox or Google Chrome. This is one of the recommendations from U.S. and U.K. Computer Emergency Readiness Teams from their national security agencies…