A Microsoft “Internet Explorer” security hole announced over the weekend poses danger to users, according to an April 27 report in Reuters. Microsoft is rushing to fix this security hole in post-Windows XP computers, but Microsoft will not fix “Internet Explorer” versions with this flaw that run on computers with Windows XP.
Users can tell if their computer is using Windows XP by right-clicking on “My Computer” and then clicking on “Properties." Microsoft stopped supporting Windows XP after April 8, 2014.
A computer that uses a Windows version later than XP, like Vista, Windows 7 or Windows 8, will receive a fix for this “Internet Explorer” security hole when it is available. This security flaw is in “Internet Explorer” version 6, 7, 8, 9, 10 and 11. Customers can tell which version of “Internet Explorer” they are using by opening “Internet Explorer," clicking the picture of the gear under the “X” in the upper right corner and then “About Internet Explorer."
This particular security flaw is dangerous because it could give a knowledgeable hacker a level of access equal to that of the computer user, according to Microsoft. Hackers are already exploiting this security flaw to break into financial and defense business networks.
Hackers are already using this flaw to steal data from individuals too. Hackers first use “phishing” (a fake email for example) to lure users into visiting a fake version of the real site (like that of a bank or insurance company). The hackers then can gain the same rights as the current user by fully exploiting the flaw. If a user is logged on as an Administrator, then the hacker can do anything that an administrator can do—download files, create accounts, copy data, and more.
"Zero days" are security flaws—like this one—that are being used for the first time. But just because flaws like these are being used for the first time does not mean that users are at their mercy. In this particular case, temporarily using a different browser like Chrome or Firefox, not clicking on suspicious emails and maintaining the latest anti-virus software are three things that users can do to protect themselves until Microsoft issues a patch to fix this security hole in “Internet Explorer."