MIE Bug Puts Millions of Computers at Risk
| Published April 29, 2014 |

By Thursday Review staff

At the beginning of April, as planned—and after much discussion and handwringing—Microsoft ended its tech support and ceased its routine updates and patches for the highly popular Windows XP.

We all knew this was coming, and for millions of people, it would be a roll of the dice.

Windows XP, which is over 13 years old, had become too burdensome for Microsoft to maintain, and the company had planned for several years to eventually end its continuing support of the operating system which can be found on tens of millions of computers worldwide—including personal computers, laptops, business and office computers, and hundreds of types of retail and banking operating systems.

Now, U.S, cybersecurity experts are warning users of Windows XP to find a temporary alternative to Microsoft Internet Explorer (MIE)… quickly. The division of the U.S. Department of Homeland Security charged with computer safety issued a blanket alert this week announcing that hackers have already exploited a breach in Windows XP, a vulnerability which could affect versions 6 through 11 of Internet Explorer. The breach means that a hacker could, within minutes, gain access to a computer using XP and running Internet Explorer.

This vulnerability, it is believed, will be temporary. Users of MIE could put their desktop or laptop at risk, but only if they happen to also click on certain malicious websites or download materials which contains viruses or Trojans.

Several government agencies are investigating the apparently organized hackers, but have declined to identify the suspects behind the attack. Several companies are working on a fix to the problem, the second major issue to occur just within the last few weeks. Early in April, the Heartbleed computer bug was revealed to have left a previously undiscovered vulnerability in any computer or file server using something called OpenSSL. Within hours of the discovery of Heartbleed, hackers in China went to work attacking computers in the United States and other countries. The full extent of potential damage from Heartbleed is not yet known, though technology and software companies went to work immediately on a fix. Some experts feared that the repairs came too late for Heartbleed.

Microsoft said it had a group of its own programmers working quickly to find a solution to the new vulnerability, dubbed Operation Clandestine Fox by both the good guy and bad guy hackers. Some XP and MIE patches and upgrades exist for business purposes now, but these security tools—which are designed to be aggressive—have been known to cause system shutdowns and crashes, as well as occasional losses of data. As a result, some businesses are hesitant to use those security tools, fearing that the treatment could be worse than the disease.

Still, the Department of Homeland Security and several major cybersecurity firms are recommending that users of XP and MIE take extreme care over the next few days, and, if possible, find an alternative to Windows XP or Internet Explorer.


Related Thursday Review articles:

Why Heartbleed Causes Heartburn; R. Alan Clanton; Thursday Review; April 15, 2014.

Coming in April: Mini Y2K; R. Alan Clanton; Thursday Review; January 30, 2014.