Microsoft will issue a security patch for Internet Explorer after it was revealed that a vulnerability in the web browser was to blame for last week's hacks on Gmail accounts.
No reports have been received of the vulnerability being exploited on New Zealand websites and no complaints of problems have been received here, says Microsoft New Zealand national technology manager Brett Roberts.
The compromised Google mail accounts belonged to Chinese human rights activists and companies based on the Chinese mainland.
The attacks have sparked a scrap between search giant Google and the Chinese government which is yet to be resolved. Google has threatened to leave the Chinese market - where it distantly trails local search engine Baidu - as a result.
The German and French governments also took the unusual step of warning their respective citizens to steer clear of using all versions of Internet Explorer and advised web users to switch to Mozilla's Firefox or Google's Chrome browsers.
Roberts believes that the two European powers jumped the gun in advising people to change software.
"I think if you look at the reaction of France and Germany and then look back over the years, everyone has had these sort of problems - Firefox, Adobe, us. If you changed software every time that a remote exploit appeared, you'd be changing applications day in and day out," he says. "It was not a rational approach.
"The key thing about maintaining security is about maintaining your software, and this focuses on Internet Explorer 6 - which came out a couple of weeks before 9/11. Current browsers are far more secure."
This may be the case, but Roberts admits "nothing is 100% secure the day that it shifts," and that is why it is so important to continuously update.
"Whether it's a home system or in a large company it's pretty simple - use a firewall, keep your system and security software up to date," he explains. "Any person can do it all at home by themselves and, these days, they can do it for free."
Many security experts first believed that the hackers were using an exploit in Adobe's PDF format, which has since been patched.
Microsoft had admitted the previously unknown problem within Internet Explorer - now know known as Operation Aurora - and has acted quickly to patch the hole, promising that it will be available at 7am New Zealand time.
This is unusual for Microsoft, which generally offers updates and security patches on the same day each month.
In a security release published on its website this morning, Microsoft said the patch will be for "Internet Explorer to address limited attacks against customers of Internet Explorer 6, as well as fixes for vulnerabilities rated Critical that are not currently under active attack."
It will include an update of the Windows Malicious Software Removal Tool. The update will be available by using Windows Update on PCs.
Aging Internet Explorer 6 is the most vulnerable to attack - especially when run on Windows XP operating system - and while later versions like the current IE8 have extra security measures in place to make exploiting users' systems far more difficult.
The main added protection is Data Execution Prevention (DEP), which is turned on by default in later versions but needs to be activated in others.
SophosLabs security specialist Graeme Cluely welcomes Microsoft's speedy reaction to the widely publicised problem, which highjacked the browser and loaded malware onto computers from infected sites without web users having to click on links or download dodgy files.
"It's good news for those of us who aren't one of the 30-odd companies targeted by Chinese hackers too," Cluely wrote in a security blog.
"We are beginning to see other cybercriminals exploiting the flaw and placing it on copycat websites in the hope of infecting unsuspecting users," he wrote.
Lloyd Borrett from security software maker AVG advises PC users to upgrade from Internet Explorer 6.
"If you're using Internet Explorer 6, you're way behind the game," he told nzherald.co.nz.
"This was a typical example of an attack on systems that are not set up to deal with threats."
"People who are still using IE6 are probably quite vulnerable and are not likely to be using security software," he said.
Sophos Labs' experts show how the Operation Aurora exploit works in this video:
- NZ HERALD STAFF
