The Evangelical Lutheran Church of Hong Kong’s website has been under attack due to a vulnerability in the Internet Explorer browser.
An update issued by Microsoft on Wednesday exposed security issues with the web browser. The attackers will be able to access the computers of the church’s members, and could install programs as well as destroy data, the Register reported.
The attack came after Microsoft issued a critical security update for all versions of Internet Explorer. The update aimed to fix a vulnerability that would allow attackers to run a malicious code and take control of a PC remotely.
The previously undisclosed and uncorrected vulnerability is known as a “zero-day vulnerability” because it has to be fixed immediately once it became known, or attackers would attempt exploits on users with uncorrected codes.
Attackers of the church’s website could modify the existing website to host a specifically crafted malicious web frame that redirects visitors to another website using Internet Explorer, said web security company Symantec. A successful exploit would grant attackers the same user rights as the current user.
The Evangelical Lutheran Church of Hong Kong told HKFP that it was not aware of the attack, nor does it have any statistics relating to the website and its use.