Microsoft launched an investigation after confirming it had detected “limited, targeted attacks” in the internet Explorer browser, installed on more than half of computers
Danger: A fix, according to Microsoft, will be available on May 13
Millions of computer users have been left vulnerable to hackers after a major security flaw was found in the most popular web browser.
US Homeland Security advised people with versions of Internet Explorer 6 to 11 to use alternatives until Microsoft fixes the bug.
The software giant launched an investigation after confirming it had detected “limited, targeted attacks” in the browser, installed on more than half of computers worldwide.
The security scare could allow crooks to access victims’ accounts and change passwords. Email addresses and other personal data could then be ransacked if a victim clicked on a hostile website.
Online security firm Symantec said in a statement: “Our testing confirmed that the vulnerability crashes Internet Explorer on Windows XP.
“There is currently no patch available.”
Microsoft is now working on a fix which will be available on May 13.
Alternative browsers not affected by the security flaw include Chrome, Firefox, Safari and Opera.
In the meantime, Microsoft advises customers to update their Internet Explorer to the latest version and install anti-virus software.
A spokesman warned: “An attacker who successfully exploited this vulnerability could take complete control of an affected system.”
The alert comes just weeks after millions of computer users were warned to change their passwords due to the Heartbleed Bug, affecting two thirds of the world’s websites, including Google, Amazon and Facebook.
Firms quickly made defensive fixes against the bug, which had been undetected for two years.But people who are still using the Windows XP operating system will not be able to receive a patch when it does become available, as Microsoft has ended official support for the system earlier this month. This will leave them exposed to the vulnerability and at risk of being hacked. The government will receive a patch, as it signed a £5.5m deal to extend XP support for a further year.