WASHINGTON, July 19: Computer experts scrambled on Friday to fix millions of Internet traffic routers after Cisco Systems reported a flaw that hackers could use to shut down websites or even portions of the Internet.

The announcement of the flaw by Cisco and other experts Thursday triggered a race between security experts trying to complete the upgrades, and hackers, who tried to exploit the vulnerability in the devices, known as routers.

Because Cisco’s routers are used for a large proportion of Internet traffic, coordinated attacks on these could devastate the Web, exports said.

“This problem was handled in a responsible way, but if this had gotten out (to hackers) beforehand, potentially any single malcontent could have started taking down core sections of the Internet,” said Paul Robertson at TruSecure, a private security firm.

But Shawn Hernan, a security specialist in the government-funded Computer Emergency Response Team (CERT) at Carnegie-Mellon University, said most major Internet operators were fixing the problem.

And as of Friday, the flaw had not led to any service shutdown, he said.

“We have seen evidence of attempts (to shut down routers) but no evidence of a successful attack,” Hernan said.

“But I will say that the death of the Internet is not imminent. The good news is that most if not all the service providers have been upgrading.”

Hernan said that the Cisco routers, which are essentially computers that direct traffic, could be shut down if an attacker knew about the vulnerability.

He noted that within a day of the advisories issued by Cisco and CERT, experts found “malicious code” circulating on the Internet which hackers could use to exploit the flaw.

“This exploit allows an attacker to interrupt the normal operation of a vulnerable device,” according to a CERT advisory. “We believe it is likely that intruders will begin using this or other exploits to cause service outages.”

But Hernan noted that even though the announcement provided information to hackers, it was necessary to get the information out to the millions of website operators to enable them to fix the problem.

TruSecure’s Robertson said Cisco provided Internet backbone providers with the fix days before the public announcement, allowing key sites to be patched before the flaw could be exploited.

TruSecure nonetheless issued an advisory to its clients calling the problem “red hot,” which means “this needs to be fixed now,” Robertson said.

“The TruSecure research team has determined that this vulnerability presents a serious threat to its clients,” TruSecure said on its website.

Robertson said that with millions of Cisco routers in use, it is likely that some will be shut down by the relatively easy attack method. But he said damage to the Internet is unlikely.

“If one connection goes down, there’s probably another route,” he said.

“The core Internet itself is relatively safe, but (attacks on routers) could affect links to small countries, like Caribbean countries, if their partners haven’t patched or filtered” to fix the problem.

MICROSOFT GAINS: US stocks gained on Friday for the first day in four as traders welcomed positive corporate news and a rise in consumer confidence.