The flaw allows criminal gangs to take control of people's computers and steal their personal information when they visit websites that have been corrupted by malicious hackers. It is believed that as many 10,000 sites have been compromised since last week. Microsoft said that it had detected attacks on machines using Internet Explorer 7, the most widely-used version of the browser, but that other versions are "potentially vulnerable". "We are actively investigating the vulnerability that these attacks attempt to exploit," the firm, which also makes the Windows operating system, said in a security statement. "We will continue to monitor the threat environment and update this advisory if this situation changes." By last Saturday about 0.2 per cent of Internet Explorer users had already visited one of the websites designed to exploit the flaw, according a statement on the technology giant's Malware Protection blog. The flaw was first exploited last week but there has been a sharp increase in attacks in the last few days.
Given that three-quarters of people on the web use Internet Explorer, millions of people could already have been targeted. Microsoft has published a list of technical changes that it say should protect against the threat until it can release a software update to close the loophole, although the instructions would be incomprehensible to most casual surfers. It has also advised users to enable their firewalls and install anti-virus and anti-spyware software, but web security experts say the best guarantee of safety is to use an alternative browser such as Firefox, Safari or Opera, which can all be downloaded for free.The websites corrupted by the hackers are mostly Chinese, and have been programmed to steal passwords for computer games which can be sold for money on the black market. ( www.telegraph.co.uk )