The bug was used to hijack PCs and install adware
|
Microsoft has released a patch for a bug in the Internet Explorer browser two weeks early to combat a mounting number of attacks made via the loophole.
The software giant usually releases security updates once a month.
However, the growing number of attacks using the loophole forced it to move early.
Cyber criminals are known to be using the bug to install keyloggers, adware and spyware and take over Windows PCs.
Flaw found
The bug was discovered by security firm Sunbelt Software and revolves around the way that the Internet Explorer browser handles a technology known as vector graphics.
Via a carefully made webpage, malicious hackers can exploit this bug to take over machines. Porn sites were among the first to exploit this bug but many others started to use it once it became more widely known.
Microsoft said it had taken the step of releasing the patch early because of the "risk" it posed to users.
"This one affected many different platforms in many scenarios that are considered by customers to be common usage," said Microsoft researchers on its security update blog.
Despite this Microsoft said that the number of attacks launched via the bug was "very limited".
The patch is being pushed out to users via Microsoft's update sites. The software company urged people to apply the patch quickly if they do not get it automatically.
Some security companies took the step of releasing their own patches for the bug to stop people falling victim.