Microsoft Corp. released a patch Friday to halt the spread of a computer virus that can steal personal information, more than a month after the virus began winding its way through the Internet.
Microsoft had previously released tools to detect the virus and thwart it from infecting computers. But until now, the company did not have a fix available to prevent the pesky virus from spreading.
(MSNBC is a Microsoft-NBC joint venture.)
Stephen Toulouse, a security program manager at Microsoft, said the company needed time to make sure the patch would not create further problems for users. The concern was that if even a tiny portion of users had difficulties, they would distrust the system and be less likely to download other security updates in the future. That could leave many more people open to further cybersecurity problems, Toulouse said.
The virus, dubbed “download.ject,” exploits a vulnerability in Microsoft’s Internet Explorer browser, potentially allowing a hacker to convert popular Web sites into virus transmitters. On Friday, Microsoft also released two more patches to fix similar flaws that would allow an attacker to infect a computer just by persuading a user to visit a particular Web site.
Although the outbreak of this virus was somewhat mild, it had worried security experts because it showcased a new way for malicious hackers to attack people’s computers.
The vulnerabilities prompted some security experts to recommend that users try a different browser, such as Mozilla or Opera, while Microsoft’s dominant Internet Explorer browser remained unfixed.