Internet Explorer bug lets hacker control your PC - KYTX CBS 19 Tyler Longview News Weather Sports

Internet Explorer bug lets hacker control your PC

(CNN) - Microsoft is racing to address a weakness in its popular Web browser that security experts at FireEye (FEYE) revealed over the weekend. The researchers discovered that hackers have exploited the bug and created a new type of attack.

This is how it works: Hackers set up a website that installs malware when you visit it. If you're duped into visiting the website while using the Internet Explorer program, malware seeps into your computer and gives a stranger total control. You might not even notice.

"I'd say someone taking control of your computer is just the beginning of the worst case scenario," said Adrian Sanabria, a security expert with 451research.com. "Because then they steal your info, get access to your email, etc."

Related story: Cyber insurance bridges the gap between physical and digital

That's where the real danger lies. Anyone in control of your computer can spy on everything you do. If it's a PC at work, hackers can reach into anything an employee has access to.

It's worse for those using Windows XP, because Microsoft no longer supports that operating system with security patches. To them, Microsoft says: Go upgrade to Windows 7 or 8.1.

The U.S. Department of Homeland Security recommends that people ditch Internet Explorer until there's a patch -- or install special software in the meantime instead.

But this bug is more omnipresent than it seems. Lots of machines use Windows -- bank ATMs, point of sale systems, restaurant seating tools -- and Internet Explorer is their default browser. If hackers manage to send them to a bad website, that machine is now under their control. It won't be easy, but it's possible.

"You don't think of them as Windows PCs running software," said Paco Hope, a consultant with software security firm Cigital. He advises that businesses talk to equipment vendors to determine how vulnerable they are.

Because this attack relies on a few of Internet Explorer's extra features, there's a relatively easy fix: Just disable them. FireEye advises disabling the Adobe (ADBE)Flash plugin. While Microsoft works on patching the bug, its engineers suggest running your browser in "Enhanced Protect Mode." But computer experts say that will likely ruin your online experience.

To disable the Flash plugin in IE, click on "Tools," then "Manage Add-ons."

That's why the easiest solution is to just ditch Internet Explorer and use another browser, said Marius Buterchi with antivirus software maker Bitdefender. This attack doesn't affect other Web browsers like Google (GOOG, Fortune 500) Chrome, Mozilla FireFox or Apple (AAPL, Fortune 500) Safari.

This type of attack is particularly nasty, because it affects every version of the Web browser from IE6 through IE11. That's more than half of the browsers in use right now, according to Web analytics site NetMarketShare.

It's not the first time hackers use add-ons like Flash to assault computers. But this hack, first publicly disclosed by FireEye in a blog post Saturday, was described as a "zero-day." That means that the attack is a unique, never-before-seen technique -- a particularly dangerous vulnerability, since it hasn't yet been patched.


  • Local NewsMore>>

  • East Texas mother's bond set at $2 million dollars in daughter's death

    East Texas mother's bond set at $2 million dollars in daughter's death

    Tuesday, July 22 2014 1:30 PM EDT2014-07-22 17:30:22 GMT
    UPDATE: An East Texas mother's bond is now set at $2 million dollars. Stacie Marie Parsons was arraigned in the Henderson Co. jail this morning. She is charged with the capital murder of her 4 year old daughter.More >>
    UPDATE: An East Texas mother's bond is now set at $2 million dollars. Stacie Marie Parsons was arraigned in the Henderson Co. jail this morning. She is charged with the capital murder of her 4 year old daughter.More >>
  • ‘Operation Coyote’ targets human smuggling networks

    ‘Operation Coyote’ targets human smuggling networks

    Tuesday, July 22 2014 4:43 PM EDT2014-07-22 20:43:13 GMT
    photo: (ICE)photo: (ICE)
    WASHINGTON (KYTX) — In a news conference Tuesday, Secretary of Homeland Security Jeh Johnson, joined by U.S. Immigration and Customs Enforcement (ICE), U.S. Customs and Border Protection Border Patrol and U.S. Deputy Attorney General announced the progress of ongoing enforcement efforts by ICE Homeland Security Investigations (HSI) and the U.S. Department of Justice to target human smuggling networks in the Rio Grande Valley.More >>
    WASHINGTON (KYTX) — In a news conference Tuesday, Secretary of Homeland Security Jeh Johnson, joined by U.S. Immigration and Customs Enforcement (ICE), U.S. Customs and Border Protection Border Patrol and U.S. Deputy Attorney General announced the progress of ongoing enforcement efforts by ICE Homeland Security Investigations (HSI) and the U.S. Department of Justice to target human smuggling networks in the Rio Grande Valley.More >>
  • Yantis man indicted after admitting to having sex with 12-year-old girl on school playground

    Yantis man indicted after admitting to having sex with 12-year-old girl on school playground

    Tuesday, July 22 2014 4:05 PM EDT2014-07-22 20:05:14 GMT
    photo: Wood Co. Jailphoto: Wood Co. Jail
    QUITMAN (KYTX) – A Wood County Grand jury has indicted a Yantis man on child sex abuse charges.More >>
    QUITMAN (KYTX) – A Wood County Grand jury has indicted a Yantis man on child sex abuse charges.More >>
Powered by WorldNow

CBS19, MYTX & KCEB
2211 ESE Loop 323
Tyler, TX 75701
Phone (903) 581-2211
Fax (903) 581-5769

Powered by WorldNow
All content © Copyright 2000 - 2014 WorldNow and KYTX. All Rights Reserved. Users of this site agree to the Terms of Service, Privacy Notice/Your California Privacy Rights, and Ad Choices.