Security flaws in Internet Explorer have caused the Department of Homeland Security to recommend using alternative browsers.
Microsoft decided to stop offering security updates for Windows XP users earlier this month, and those who haven't upgraded will potentially be vulnerable to hackers when using Internet Explorer, even after the vulnerability is fixed, Reuters reports.
Why does Homeland Security think Internet Explorer is so dangerous?
US-CERT Recommends Against Internet Explorer
The United States Computer Emergency Readiness Team (US-CERT) issued a short but powerful message Monday: Stop using Internet Explorer until an official update is available.
According to US-CERT (a division of the Department of Homeland Security), Internet Explorer (IE) versions 6 through 11 have a "use-after-free" vulnerability that has been exploited by hackers.
This vulnerability exists in the IE software regardless of your computer's operating system, although Windows users of versions XP and older are unlikely to receive any security updates.
NetMarketShare reports that 55 percent of all PC users use one of the affected versions of IE, meaning millions of computers could be at risk. Considering that a single small-business cyberattack costs thousands of dollars to address, it's smart to be aware of the risks of using IE as your business' browser.
While Microsoft frantically works to patch this vulnerability, you still have to run your business. Here are some simple ways to reduce your risk of cyberattacks while still being productive:
- Use Chrome or Firefox. Regardless if you're on a PC or a Mac, you have two excellent alternative choices for a browser. Chrome and Firefox are both free, and you might like them enough to switch permanently.
- Download Microsoft EMET. The Enhanced Mitigation Experience Toolkit can help "prevent vulnerabilities from being exploited," or so says Microsoft.
- Train your employees. Not only should you pass along the IE warning to your workers, but you'll also want to make sure they're using best practices with regard to passwords and avoiding phishing attempts.
Attempts to exploit the IE vulnerability have been reported as appearing in email messages, but Microsoft reports that current versions of Outlook are trained to restrict those messages.
With careful training and some flexibility in using alternative browsers, your business should be able to survive without Internet Explorer (until an update is released, anyway) -- not to mention avoid a potential cyberattack.
Follow FindLaw for Consumers on Google+.
- Microsoft warns of Internet Explorer security gap (The Associated Press)
- Sophie's Google Choice: Privacy or Functionality and Convenience? (FindLaw's Technologist)
- SBA Offers Free Small Biz Cybersecurity Course (FindLaw's Free Enterprise)
- After Target Hack, 3 Tips for Vendor Cybersecurity (FindLaw's Free Enterprise)