The Evangelical Lutheran Church of Hong Kong’s website has been under attack due to a vulnerability in the Internet Explorer browser.

An update issued by Microsoft on Wednesday exposed security issues with the web browser. The attackers will be able to access the computers of the church’s members, and could install programs as well as destroy data, the Register reported.

church web attack
The Evangelical Lutheran Church of Hong Kong. Photo: Google Maps.

The attack came after Microsoft issued a critical security update for all versions of Internet Explorer. The update aimed to fix a vulnerability that would allow attackers to run a malicious code and take control of a PC remotely.

The previously undisclosed and uncorrected vulnerability is known as a “zero-day vulnerability” because it has to be fixed immediately once it became known, or attackers would attempt exploits on users with uncorrected codes.

Attackers of the church’s website could modify the existing website to host a specifically crafted malicious web frame that redirects visitors to another website using Internet Explorer, said web security company Symantec. A successful exploit would grant attackers the same user rights as the current user.

The Evangelical Lutheran Church of Hong Kong told HKFP that it was not aware of the attack, nor does it have any statistics relating to the website and its use.

Karen is a journalist and writer covering politics and legal affairs in Hong Kong for HKFP. She has also written features on human rights, public space, regional legal developments, social and grassroots activism, and arts & culture. She is a BA and LLB graduate from the University of Hong Kong.