Flaws in Microsoft’s Internet Explorer browser have been blamed for the cyber attacks by Chinese hackers on Google.
According to security company McAfee, the hackers exploited a previously unknown flaw in the Internet Explorer browser; this resulted in the organisers of the attack being able to persuade employees of companies in China to click on a link to a website that secretly downloaded sophisticated malicious software onto their PCs.
“We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space,” said Dmitri Alperovitch, a vice president of research with McAfee.
According to McAfee, Microsoft has yet to patch the flaw that enabled the attack to take place.
Microsoft said it was investigating McAfee’s report.
Reuters reported, “We need to take all cyber attacks, not just this one, seriously,” said Microsoft Chief Executive Steve Ballmer in an interview on CNBC. “We have a whole team of people that responds in very real time to any report that it may have something to do with our software, which we don’t know yet.”
The programs allowed the hackers to take control of the PCs without the knowledge of their users, according to McAfee, which has been researching the matter on behalf of several companies involved in the attacks since late last week.
He declined to say which companies had hired McAfee, saying they had signed confidentiality agreements.
On Tuesday, Google said that in mid-December, it detected a “highly sophisticated and targeted attack” on its corporate infrastructure originating from China that resulted in the theft of intellectual property from Google.