Just a few weeks after tech users were made aware of the Heartbleed security flaw, Microsoft Corp has announced a major bug in its Internet Explorer web browser.
The bug affects Internet Explorer versions 6 to 11, exposing the browser to potential privacy infringement. Microsoft is currently fixing the bug, which affects a large amount of users. According to the Huffington Post, over 55 percent of the PC browser market is dominated by those versions of Internet Explorer.
The Washington Post notes that these versions of Internet Explorer are used on many systems operated by the federal government. In fact, 10 percent of government computers still use Windows XP, the 12-year-old operating system which is soon to be discontinued by the company. Microsoft has claimed that there is no way to fix the security flaw for XP users aside from upgrading.
The capabilities of a hacker able to breach the security flaw are wide-ranging. In a post on its security website, Microsoft stated the following: “An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change or delete data; or create new accounts with full user rights.”