updated 3/14/2011 2:14:10 PM ET 2011-03-14T18:14:10

A security vulnerability in Microsoft’s Internet Explorer Web browser is being exploited by computer criminals to carry out targeted, politically motivated online attacks.

The attacks make use of a flaw in the Web browser’s MHTML processing — a file format composed of HTML code and external links such as images and audio files — to run malicious scripts on a user’s system that could result in information disclosure, Microsoft reported.

The Internet Explorer MHTML bug was publically disclosed in January, but Microsoft never issued a patch for it. It affects all versions of Windows.

In a March 11 blog, Google researchers said they have seen "highly targeted and apparently politically motivated attacks " using the Internet Explorer flaw. "We believe activists may have been a specific target. We’ve also seen attacks against users of another popular social site,"researchers wrote.

Microsoft has released a Fixit tool on its website to address the problem, but has not announced when it will issue a formal security update.


© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments