Microsoft made a stunning announcement over the weekend: That they are working to fix a bug – a bug that is present in Internet Explorer (IE) versions 6 through 11, and one that hackers are currently exploiting.
Versions 6 through 11 presently make up approximately 55% of the browser market, but the exploitation (at least for now) appears to be concentrating on versions 9 through 11 – about 26.25% of the market, according to FireEye, a cyber security software company that “caught” the bug, according to The Daily Mail. (One has to wonder – did they “catch” it through survey, test, and identification – or did they “catch” it [like catching a cold] in terms of being hacked and exploited! – the report we saw was ambiguous).
For now, the hackers appear to be targeting U.S. defense and financial sector service firms – but don’t let that ameliorate any concerns: You could be next – and it could be in the next moment.
For any readers still using XP (and an estimated 15 to 25% of the world’s PCs are still running XP), recognize that you will receive no update(s) for this bug, being that Microsoft has stopped supporting XP with upgrades and fixes.
According to FireEye spokesman Vitor De Souza, “It’s unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.”
In an advisory, Microsoft said that the vulnerability engendered by this bug could allow hackers to take complete control of a system. Recognize that in these instances, data theft, data destruction, accounts creation, installation of further malicious programs, and likely anything else you can imagine are possible.
Chief Technology Officer of the cyber security firm Seculert, Aviv Raff, has said that other hacking groups are racing to learn more about the bug so that they can launch their own attacks: “This will snowball,” Raff says.
Keep your eye on this, and as always, apply security patches and upgrades as soon as possible. (Although our counsel regarding aesthetic and minor operational fixes still holds: Let those changes “cook” in the market a bit, to make sure they don’t break more things than they fix/enhance).
As for those XP users? Microsoft released a statement to Reuters, advising XP users to upgrade to Windows 7 or Windows 8.