Microsoft Corp is rushing to fix a massive bug in its Internet Explorer, a popular Web browser used by up to 55 percent of the online community.
Among the targeted users: U.S. defense and financial sectors, cybersecurity experts said.
Microsoft said the bug seems to have targeted Internet Explorer’s versions 9 through 11. But NetMarketShare, a tech research firm, said the bug could actually impact versions 6 through 11 — and that means more than half of all online browsers could be impacted, the Daily Mail reported.
The company FireEye Inc., which caught the bug over the weekend, said a group of hackers with a sophisticated knowledge of the computer industry have exploited the bug, calling it a campaign known as “Operation Clandestine Fox,” the Daily Mail reported. FireEye didn’t release information about companies that have been affected, but said the hackers are “extremely proficient at lateral movement [and] difficult to track.”
FireEye spokesman Vitor De Souza also said that U.S. companies seem to be the main target.
“It’s a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,” he said, the Daily Mail reported. “It’s unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.”
He suggested online users switch to another browser.
Microsoft said these hackers could actually take complete control of a system, and change or delete data, install malicious programs or even create accounts that would allow them complete access.
“Microsoft should move fast,” said Aviv Raff, the chief technology officer of the cybersecurity firm Seculert, in the Daily Mail. “This will snowball.”