Microsoft Corp issued an interim security update Friday to protect users of its nearly ubiquitous Internet Explorer browsers from a new technique for spreading viruses.
The update does not entirely fix the flaw that makes the spread possible, but it changes settings in Windows operating systems to disable hackers' ability to deliver malicious code with it.
The security measure came in response to last week's discovery of a computer virus designed to steal valuable information like passwords. Though its outbreak was mild, security experts said the technique for spreading it was novel and could be used to send spam or launch broad attacks to cripple the Internet.
Hackers had converted hundreds and possibly thousands of Web sites into virus transmitters by first hiding malicious code using a vulnerability with Microsoft's software for operating Web sites.
A fix for it had been issued in April but was not universally applied.
Two other flaws in Microsoft products allowed hackers to direct Internet Explorer browsers to automatically run the virus when visiting an infected site.
Though one of those flaws remains unfixed, Friday's setting changes thwart any attack by prohibiting a Web application from writing files -- such as the virus code -- onto users' computers.
Stephen Toulouse, a security program manager at Microsoft, said the company still was working on a comprehensive patch to fix vulnerabilities with Internet Explorer, but the settings change should protect users from the immediate threat.
The software update covers Windows XP, Windows Server 2003 and Windows 2000, and Microsoft was working on ones for older systems.
The update will also be included with a major Windows XP upgrade, called Service Pack 2, later this summer.
Toulouse said the new Service Pack will include additional protections.
After installing Friday's update, users should be able to lower their security settings from the "high" one initially recommended as a stopgap, he said.
Russ Cooper, a senior researcher at TruSecure Corp, welcomed Friday's update, but said it should have come sooner than a week.
"It would have taken a couple of hours to put it together as a package, and [the testing] process can take a day or two," Cooper said.
But Toulouse said that given the broad user base for Windows and Internet Explorer, even a problem affecting less than 1 percent of users potentially hurts millions of customers.
He said the settings could potentially affect legitimate applications used internally by Web developers and corporate networks, and special instructions were available to address those cases.
The update will be automatically installed if computers are set to receive it.
It is also available at http://windowsupdate.microsoft.com.
Microsoft shares fell US$0.06 to close at US$28.57 Friday on the NASDAQ Stock Market.
‘BIG LOSS’: This year might see the last generation of Huawei’s Kirin chips, as their production would stop next month because they are made using US technology Chinese tech giant Huawei Technologies Co (華為) is running out of processor chips to make smartphones due to US sanctions and would be forced to stop production of its own most advanced chips, a company executive has said, in a sign of growing damage to Huawei’s business from US pressure. Huawei, one of the biggest producers of smartphones and network equipment, is at the center of US-Chinese tension over technology and security. Washington last year cut off Huawei’s access to US components and technology, and those penalties were tightened in May, when the White House barred vendors worldwide from using US
’WHITE BOX’: The open platform would give local firms access to Cisco’s cloud-based mobile network to develop 5G telecom equipment and tap into the global market The Ministry of Economic Affairs (MOEA) yesterday introduced a new 5G “open lab” in collaboration with US-based information technology and networking giant Cisco Systems Inc to address the rapidly growing “white box” 5G networking equipment market. The open lab will be a platform where Taiwanese manufacturers can access Cisco’s cloud-based mobile network to develop their own 5G telecom equipment, such as small-cell base stations, network switches, modems and Internet of things (IoT) devices, a ministry statement said. The open platform would allow Taiwanese manufacturers to tap into the lucrative 5G telecom equipment market, which was previously monopolized by Nokia Oyj, Ericsson AB
CORPORATE SCANDAL: Cathay Life has invested NT$13.3 billion in Bank Mayapada since 2015, but the latest loss of NT$8.8 billion has completely written off its investment Cathay Life Insurance Co (國泰人壽) yesterday said it would recognize an investment loss of NT$8.8 billion (US$298.1 million) in Indonesia’s Bank Mayapada Internasional Tbk PT due to concerns about the lender’s operations amid a corporate scandal. The company said it would revise its earnings result for June, from a net profit of NT$6.52 billion to a net loss of NT$520 million, its first monthly loss over the past 17 months. After booking an investment loss of NT$5.2 billion in Bank Mayapada earlier this year, Cathay Life has so far recognized total investment losses of NT$14 billion in the lender, executive vice president
Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) yesterday reported that revenue last month expanded 25 percent annually, but fell 12.8 percent month-on-month to NT$105.96 billion (US$3.59 billion). In the first seven months of this year, the chipmaker’s revenue surged 33.6 percent to NT$727.26 billion, compared with NT$544.46 billion a year earlier. TSMC has said it aims to grow its revenue by more than 20 percent this year. The company has since May 15 stopped taking new orders from Huawei Technologies Co (華為), its second-biggest customer after Apple Inc, due to the US’ restrictions on exports containing US technologies. TSMC has no plans to