Security experts were in a race to fix millions of internet traffic routers at the weekend after Cisco Systems reported a flaw that hackers could use to shut down websites or even portions of the Net. The announcement of the flaw by Cisco and others last week triggered a scramble between security experts trying to complete the upgrades and hackers trying to exploit the vulnerability in Cisco's equipment. Because Cisco's routers account for a large proportion of internet traffic, co-ordinated attacks on these could devastate the Web, experts said. Internet security specialist Symantec increased its security alert to 'ThreatCon level 3' after a functional exploit for the Cisco internetworking operating system (IOS) was found last week. The ThreatCon rating provides an overall view of global internet security. The exploit code, which would allow users to take advantage of the vulnerability, was posted to a public mailing list last Friday. The Symantec ThreatCon level 3 rating was previously elevated in response to CodeRed, the SQL Slammer worm and BugbearB. 'This is a serious vulnerability as it affects a significant number of infrastructure devices, on both corporate and core internet networks,' said Alfred Huger, senior director of development at Symantec's security response team. 'Because of the critical nature of the affected devices and known exploit code, Symantec strongly advises administrators running vulnerable versions of Cisco IOS to apply the associated patches immediately.' Symantec, at the time of its security response over the weekend, was not aware of any attempts to automate the exploit code to attack a large range of internet protocol addresses. Cisco, the world's largest maker of networking equipment, offered a free software patch to internet providers last Thursday to fix the flaw in its IOS after finding a problem during maintenance. The vulnerability was discovered during routine internal maintenance in the mechanism that runs the system, Cisco spokesman Jim Brady said. He declined to be more specific. The flaw could leave some routers and switches that run Cisco's IOS vulnerable to denial-of-service attacks or other security breaches by computer hackers. 'This problem was handled in a responsible way, but if this had gotten out [to hackers] beforehand, potentially any single malcontent could have started taking down core sections of the internet,' said Paul Robertson at TruSecure, a private security firm. But Shawn Hernan, a security specialist in the United States government-funded Computer Emergency Response Team (Cert) at Carnegie-Mellon University, said most large internet operators were fixing the problem. 'We have seen evidence of attempts [to shut down routers] but no evidence of a successful attack,' Mr Hernan said. He said that within a day of the advisories issued by Cisco and Cert, experts found 'malicious code' circulating on the internet which hackers could use to exploit the flaw. Additional reporting from Agence France-Presse and Bloomberg.