The first major Microsoft Internet Explorer bug since the company announced the end of support for Windows XP was discovered, and no, if you still have Windows XP, Microsoft isn't going to fix it.
Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.
PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP.
Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.
So cool, back of the napkin math (55% of users still use IE times 20% of users have XP still) is a little over 10% of the entire PCs in the world that will remain vulnerable to this major IE bug, ballpark. Probably more than that as if you're still using XP, you're probably not using another browser besides IE, so let's call it 15%, or about one in six PC's on earth are going to remain vulnerable right now. Vulnerable to what?
Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.
And remember, this is a vulnerability that goes all the way back to IE version 6. It's been around for several years, and it gives the keys to your PC to hackers. If you're still using an XP PC, the time to upgrade is now.
Hopefully, the folks still running XP are not cruising the web.
ReplyDelete