Recent attack on Google exploited Microsoft internet browser flaw

Recent sophisticated cyber attacks on Google Inc and other businesses exploited a previously unknown flaw in Microsoft Corp.'s Internet Explorer browser.

The weakness in the world's most widely used browser was identified by security company McAfee Inc, and later confirmed by Microsoft.

Google said that in mid-December, it detected an attack on its corporate infrastructure originating from China that resulted in the theft of its intellectual property. It eventually found that more than 20 other companies had been infiltrated.

McAfee said that those who engineered the attacks tricked employees of the companies into clicking on a link to a website that secretly downloaded sophisticated malicious software onto their PCs through a campaign that the hackers apparently dubbed "Operation Aurora."

"We have never seen attacks of this sophistication in the commercial space. We have previously only seen them in the government space," said Dmitri Alperovitch, a vice president of research with McAfee.

Microsoft later confirmed the flaw, and sent out an advisory to users to help mitigate the problem. It is still working on a patch that would solve it.

"The company has determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and other corporate networks," Microsoft said.

The world's largest software company said using Internet Explorer in "protected mode" with security settings at "high" would limit the impact of the vulnerability.

"We need to take all cyber attacks, not just this one, seriously," said Microsoft chief executive officer Steve Ballmer in an interview on CNBC. "We have a whole team of people that responds in very real time to any report that it may have something to do with our software, which we don't know yet."