- Google documents Iraqi museum treasures
- Top 2 booksellers report losses, their shares fall
- EU drops Qualcomm antitrust probe
- Barnes & Noble reports 2Q loss, cuts guidance
- Nokia to ax 220 R&D jobs in Japan
- Fox CEO wants US to join France on Internet piracy
- Newspaper circulation may be worse than it looks
- B&N Nook sells out, too late for holiday orders
MOST SHARED
- The 'Real' Jobless Rate: 17.5% Of Workers Are Unemployed
- US Home Prices Up 5th Month, 2nd Straight Quarter
- GM's Agreement to Sell Saab To Swedish Firm Falls Apart
- Buyers Look For Bargains At Luxury Condo Auction
- FDIC Fund Falls into The Red, Bair Urges Lending
- Just In Time for Holidays: More Gloom and Doom on Economy
- CA "More Profitable" After Saving Energy: CEO
- 10 Holiday Cocktail Recipes from Top Mixologists
- Behind The Scenes With Warren Buffett
- Fed Sanguine About US Recovery, Worried on Jobs
- In Time for Holidays: More Gloom and Doom on Economy
- Turkey Day 101: How Well Do You Know Your Bird?
- US Home Prices Up 5th Month, 2nd Straight Quarter
- Holiday Guide to This Season's Smartphones
- Six Ways to Boost Your Income in a Big Way
- Buyers Look for Bargains at Luxury Condo Auction
- Ron Paul's Plan to Audit Fed a 'Serious Attack': Mishkin
- GM's Agreement to Sell Saab Unit Falls Apart
Text Size 
Microsoft has taken the rare step of warning about a serious computer security vulnerability it hasn't fixed yet.
 |
The vulnerability disclosed Monday affects Internet Explorer users whose computers run the Windows XP or Windows Server 2003 operating software.
It can allow hackers to remotely take control of victims' machines. The victims don't need to do anything to get infected except visit a Web site that's been hacked.
Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability. People are drawn to these sites by clicking a link in spam e-mail.
The so-called "zero day" vulnerability disclosed by Microsoft affects a part of its software used to play video. The problem arises from the way the software interacts with Internet Explorer, which opens a hole for hackers to tunnel into.
Microsoft [MSFT
Loading...
()
] urged vulnerable users to disable the problematic part of its software, which can be done from Microsoft's Web site, while the company works on a "patch" -- or software fix -- for the problem.
Microsoft rarely departs from its practice of issuing security updates the second Tuesday of each month. When the Redmond, Washington-based company does issue security reminders at other times, it's because the vulnerabilities are very serious.
A recent example was the emergency patch Microsoft issued in October for a vulnerability that criminals exploited to infect millions of PCs with the Conficker worm. While initially feared as an all-powerful doomsday device, that network of infected machines was eventually used for mundane moneymaking schemes like sending spam and pushing fake antivirus software.
Print
Email
- Remember when auto shows were major events where new models could generate buzz?
- CNBC’s Mike Huckman visits a cutting-edge plant to see how the flu vaccine of the future is being made.
- A new McDonald's in Manhattan is the nation's first to sport a sleek, chic interior imported from stores in London and Paris.
- Italians were outraged by a minister's comments that lunchbreaks are bad for waistlines and the economy.
- Playboy will outsource its publishing operations in a bid to become profitable again.
- For nearly three decades, these on-call experts have been dishing advice on how to – and not to – cook turkey.
Data is a real-time snapshot *Data is delayed at least 15 minutes