IE users left defenceless



Anti-virus company Kaspersky Labs said that the StartPage trojan, which exploits a hole in Internet Explorer, sets a particularly dangerous precedent because Microsoft has not issued a patch for it yet, The Inquirer reports.

Eugene Kaspersky, head of anti-virus research, predicts grave consequences if Microsoft does not release a patch anytime soon. "We can expect a long lasting, large-scale epidemic that could surpass even the 'Klez' epidemic," he said.

Kaspersky claimed that because Microsoft has not yet released the patch for the hole, it is "essentially leaving users defenseless in the face of this and other, potentially more dangerous threats choosing to exploit the very same vulnerability".

The firm said that the Trojan has already been sent to several hundred thousand addresses on May 20th. The text is written in Russian, and Kaspersky said that the trojan infects computers using the "Exploit.SelfExecHtml" hole in IE's security system.