Barely a month after Microsoft pulled the plug on Windows XP life support, a critical security bug affecting the operating system, which remains in use on more than 300 million computers across the world, has been spotted.
Cybersecurity firm FireEye first reported the vulnerability, which is found in multiple Internet Explorer versions. As of now, the flaw remains unpatched. But there is good news for users of IE9, IE10 and IE11, which run on Windows Vista and Windows 7. Unfortunately, Windows XP users won’t get fixes for the versions of Internet Explorer running on this system. Don’t say you were not warned before the retirement of Windows XP on April 8.
What are the risks?
Attackers could lure unsuspecting users into clicking a link that redirects to a website which uses a “drive-by” attack to take over the browser and, through it, the computer. Such links can be delivered as URLs in email.
Once a user visits a malicious site, the attacker can remotely execute code to install malware on the computer and steal sensitive data. In the worst-case scenario, attackers can gain full administrative rights over the computer and change its security settings.
This bug is the first security flaw so far to hit Windows XP since it joined the walking dead after April 8. And we can expect more vulnerabilities to come out in the future.
It is especially alarming that the bug was labeled a zero-day vulnerability – meaning a third party had to notify Microsoft about it – when more than 55 percent of the Internet population uses the IE browser, as reported by research firm Netmarketshare.
How to mitigate the risks
Users of Windows XP in particular, who are not likely to receive a patch, are advised to install the Enhanced Mitigation Experience Toolkit 4.1 on their system in order to prevent attackers from taking advantage of the security flaw. The tool is available from Microsoft’s website.
Since the bug affects only IE versions, it is also obvious that users must start transitioning to other browsers such as Chrome, Firefox or Safari in order to avoid the risks.
Users can also protect themselves by enabling Enhanced Protected Mode and changing the local intranet security setting to “high”.
Also, FireEye recommends that users disable Adobe Flash Player on their IE browsers to mitigate the risk.
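For administrators who need to confirm these settings on a machine, the following read-only PowerShell audit is an added example, not part of the original article or any Microsoft tool. The registry paths, the `CurrentLevel` value 0x12000 for High, the `Isolation` value `PMEM` and the Flash ActiveX class ID are standard Internet Explorer settings that the article does not list, and matching EMET by its uninstall display name is an assumption.

```powershell
# Added example: read-only check of the mitigations listed above.
# Written for PowerShell 2.0 so it also runs on older Windows releases.

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function New-Finding($Check, $Ok, $Detail) {
    New-Object PSObject -Property @{ Check = $Check; InPlace = [bool]$Ok; Detail = $Detail }
}

$findings = @()

# 1. EMET: search the uninstall entries (assumed display-name match).
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
$emet = Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -match 'EMET|Enhanced Mitigation Experience Toolkit' } |
        Select-Object -First 1
$emetDetail = if ($emet) { "$($emet.DisplayName) $($emet.DisplayVersion)" } else { 'not found' }
$findings += New-Finding 'EMET installed' $emet $emetDetail

# 2. Local intranet zone (zone 1): the High template is stored as 0x12000.
$zoneKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1'
$level = Get-RegValue $zoneKey 'CurrentLevel'
$levelDetail = if ($null -ne $level) { 'CurrentLevel=0x{0:X}' -f $level } else { 'not set' }
$findings += New-Finding 'Local intranet zone set to High' ($level -eq 0x12000) $levelDetail

# 3. Enhanced Protected Mode (IE10/IE11 only): Isolation is PMEM when enabled.
$iso = Get-RegValue 'HKCU:\Software\Microsoft\Internet Explorer\Main' 'Isolation'
$findings += New-Finding 'Enhanced Protected Mode on' ($iso -eq 'PMEM') "Isolation=$iso"

# 4. Flash in IE: kill bit (0x400) on the Flash ActiveX control.
#    An add-on disabled only through Manage Add-ons is not detected here.
$clsid = '{D27CDB6E-AE6D-11CF-96B8-444553540000}'
$akey  = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
$flags = Get-RegValue $akey 'Compatibility Flags'
$killed = ($null -ne $flags) -and (($flags -band 0x400) -ne 0)
$findings += New-Finding 'Flash ActiveX kill bit set' $killed "Compatibility Flags=$flags"

$findings | Select-Object Check, InPlace, Detail | Format-Table -AutoSize
```

It reports per-user and machine values as stored; settings enforced through Group Policy or the 32-bit registry view are not examined.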
While Microsoft vowed not to issue a patch for Windows XP-based IE versions, there are those who are hoping that the software giant might relax its decision when the number of attacks rises exponentially, which is predictable.
Samir says
I think most of the people have stopped using Windows XP and migrated to Windows 7. Therefore this won’t be an issue anymore, and also Microsoft has stopped its production.
Thanks
zeroday1 says
I have to say that I am very displeased Microsoft has now chosen to end full support of Windows 7. It was predicated on an entirely fresh and amazingly seamless new experience for desktop users—something that I’m sure many of us end-users will agree was a milestone that we feel Microsoft finally got right with the entire OS-Build as a whole—and now they won’t even offer extended support for it after 5 more years?!
I’m sorry but IMHO Microsoft has chosen to drop Windows 7 way too soon!
After all the hiccups and bugs that plagued the many builds prior to the release of Win7, when it was released it was the breath of fresh air that many pc-users the world over had long been waiting for and whom, the majority of, have now eagerly adopted with open-arms because of it finally being stable enough to facilitate a decent desktop experience.
Windows 7 still has a multitude of potential with various business and educational applications alike and is still highly favored among pc-users in the Windows community.
After all the heartaches we also put up with regarding Windows Media Player—that too seems to be finally void of the hang-ups and crashes so prevalent in the builds prior to Win 7.
With all that Windows 7 still brings to the table and considering the fact that it has been aggressively adopted as a trustworthy desktop operating system by a large percentage of residential and business-users alike—it baffles me completely that Microsoft would choose to get rid of something that essentially works great and still offers plenty of modern capabilities through a build that has proven its stability and stood the test of time thus far.
The technology Windows 7 is built upon is far superior to that of all its predecessors—yet somehow Microsoft expects us to believe that it’s absolutely necessary to now get rid of it?!
I don’t like this one bit!
Microsoft has a history of dropping the ball right when things seem to be working out for the better—and now it wants to drop one of the best working desktop operating systems it has ever created to date—all for the sake of a few technological advances, that aren’t even garnering that much appeal for the everyday computer user that just needs a solid system that works?!
Instead of steam-rolling the perfectly fine-working Windows 7 product and effectively dismantling it so soon after its huge success—wouldn’t it have done some good to keep Windows 7 around for a lot longer than any of its shoddy predecessors, simply due to its amazing success alone?!—Never mind the fact that it really is a solid operating system that, again, still has loads of potential.
I think Microsoft is being very, very, and dare I say it again, Very Unfair with regard to the length of time it has sought not to keep Windows 7 as a viable contender and sustainable software product!
This probably comes down to a few things in my opinion:
1) Maybe the NSA really has a choke-hold on Microsoft, despite any fronts the company itself might maintain for the public in front of the cameras…
2) Maybe Microsoft is finally realizing how lazy it is because it no longer wants to spend the necessary time to develop and test solid updates that don’t crash and burn users’ systems as has been so typical of them in recent years…
3) They really don’t care all that much about the consumer but instead care more about their profitability at our expense and thus could care less if they keep forcing us to buy a new product, even though the one we already possess works just fine the way it is…
Whatever response Microsoft will give, there is nothing it can say to convince me to change my mind from the fact that they’ve decided to pull the plug on this one way too soon…
What a low-down dirty shame, if you ask me!
And now, since I seem to not have any choice but to mourn over this soon to be huge loss, I’ve already started working on my sincerest condolences for the up and coming death of my beloved Windows 7 platform…
“I’m so sorry Win7…you were like my new best friend in the whole world…but now I’m afraid you’ve been diagnosed with a disease called Microsoft-aphylococcus and you will soon die. Please know you will always be remembered for the good times we had…”
R.I.P. Windows 7 — Rest In Peace : ( : ( : (