Microsoft (MSFT) warned of a newly-discovered bug in its Internet Explorer 9 browser late Monday that could make computers vulnerable to hacking attempts and viruses.
The flaw impacts hundreds of millions of Internet Explorer users and as many PCs but does not impact Internet Explorer 10, Microsoft said.
“We have received reports of only a small number of targeted attacks and are working to develop a security update to address this issue,” Microsoft’s director of the Trustworthy Computing Group, Yunsun Wee, said on the company’s official corporate security response blog.
The maker of Windows software advised customers late Monday to install free security software as a precaution as it tries to fix the bug and develop a new, uncompromised version of Internet Explorer.
“We are monitoring the threat landscape very closely and if the situation changes, we will post updates here on the Microsoft Security Response Center blog and on Twitter at @MSFTSecResponse,” Wee said.
Installing the enhanced Mitigation Experience Toolkit may protect PCs from malicious websites that give hackers the ability to crack into and take over the computer system. Microsoft said the software should not affect the usability of websites.
While losing ground in recent years to Google’s (GOOG) Chrome and FireFox, Internet Explorer continues to be one of the world’s most widely-used browsers.
Redmond, Wash.-based Microsoft encouraged customers to follow its “protect your computer” guidance of enabling a firewall, apply all software updates and install anti-virus and anti-spyware software.
The company said Internet and local intranet security zone settings should be set to “high” to block ActiveX Controls and Active Scripting in these zones, however the browser must first be configured.
“We also encourage folks to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders,” Wee said.
Microsoft did not return a request for further comment regarding the security glitch and has not publicly disclosed of how long it will take to fix the bug.