The internet security vulnerability affecting tens of millions of Australians has been found by a security researcher.
The bug, first reported on by the ABC, allows attackers to remotely download and execute malicious software, which can be used to steal data from websites, steal passwords and compromise other computers.
It was first reported in March, but the ABC reported on the bug on Monday.
Security researcher Brian Krebs said the vulnerability was exploited by attackers who were able to install malicious software on infected computers.
The Australian Computer Society said it was working with the Department of Homeland Security and the Australian Federal Police to investigate the bug.
“We are actively working with our partners at DHS to understand the cause and effect of this vulnerability and to assist in their investigation,” the association said in a statement.
“We expect this to be resolved by the end of the month.”
It was not immediately clear how many computers were affected.
Krebs said that, although the issue was present on all computers, a small percentage of computers were vulnerable to the exploit.
He said the exploit did not compromise the integrity of the internet.
“They’re not compromising the security of the whole internet, it’s just the percentage of the Internet that’s vulnerable,” he said.
A security researcher is pictured in this undated file picture released by the Australian Government.
A spokesperson for the Department for the Environment and Energy said the Government was working to address the vulnerability and had asked the researcher to provide information on the vulnerability.
“The Department has advised Mr Krebs that he should provide all of the details that may assist in the investigation and to ensure that the Australian people are fully protected,” the spokesperson said.
The department said it would provide advice to the public on the issue.
The Department of Finance and Industry said it is aware of the issue and will investigate.