Microsoft released an advisory to all users of Internet Explorer browser versions 6 to 11 saying that a security flaw allowed cybercriminals to mimic the original user and access his or her network directly. The vulnerability is more critical for those still using Windows XP.
FireEye Inc first noticed the security flaw, according to a report by the Wall Street Journal. Officials didn't provide further details, aside from the IE versions and the fact that Windows XP users were targeted.
There are currently more than 300 million users who have not updated to a newer platform, even after Windows XP's newest software version debuted. The tech giant allowed businesses to use Windows XP anyway, so long as they paid for an extension.
Windows has opened an investigation the security flaw, but has not confirmed whether any users were affected by the attack. It is uncertain if a fix will be issued to the Windows XP users, or if they will be forced to migrate to newer platforms.
The security flaw used Adobe Flash as an entry to upload malicious codes to users' computers, allowing the hackers to access internal memory and crash the computer. The security researchers estimated that about 26.25 percent of all Internet browsers were affected, Inferse reports.
Tech officials encountered difficulties tracking the hackers, since they used different commands on this operation.
"The APT [advanced persistent threat] group responsible for this exploit has been the first group to have access to a select number of browser-based 0-day exploits (e.g. IE, Firefox, and Flash) in the past," FireEye said, quoted by CNET. "They are extremely proficient at lateral movement and are difficult to track, as they typically do not reuse command and control infrastructure."
For now, Microsoft recommends users enable firewalls, apply software updates and install AntiMalware software to protect their computers.
© 2025 HNGN, All rights reserved. Do not reproduce without permission.
