During the holiday the company confirms a possible vulnerability in older versions of its browser and came up with an interim remedy

Microsoft issues quick fix for IE8 vulnerability

It’s difficult for us to advise organizations to spend money, but sometimes it has to be done.

In this case, if you haven’t already done so it’s time to do some heavy thinking about getting off Windows XP.

It’s a fine operating system, but it is stuck with Microsoft’s Internet Explorer 8, an outdated browser. Only WinVista, Win7 and Win8 can use the safer IE9 and IE10. Smart organizations still on WinXP insist staff use Firefox or Chrome.

Globally, an estimated 45 per cent of desktops were still using XP a year ago, although that includes consumer and corporate environments.  IDC Canada believed that as of last September about 30 per cent of of commercial portable PCs in Canada were running WinXP (with just over 61 per cent on Win7.)

It matters because as 2012 closed Microsoft issued a quick fix for a vulnerability that has been discovered in IE8, 7 and 6.

The vulnerability, Microsoft said, may corrupt PC memory in a way that could allow an attacker to execute code by convincing a user to visit an infectedWeb site.
 
(Image from Shutterstock)

An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

This patch will have to do until Microsoft delivers a formal fix.

Naked Security, the blog of security firm Sophos, said one Web site is known to have carried the vulnerability, that of the Council on Foreign Relations.

It’s a respected New York-based independent think tank that would be visited by academics, reporters, bureaucrats from around the world and politicians – an ideal target.
 
RELATED CONTENT

Related Download
The New Workplace: Supporting “Bring your own”							Sponsor: IBM Canada Ltd
The New Workplace: Supporting “Bring your own”
“Bring Your Own Device” (BYOD) and the “consumerization of IT” have taken hold in the enterprise, and employees using their own personal smartphones and tablets for business have become pervasive.
Register Now
Share on LinkedIn Share with Google+ Comment on this article
More Articles