Last week, I noted that the timing of the discovery of a major flaw in Microsoft Internet Explorer coming, as it did, three weeks after the company formally withdrew support for Windows XP (XP), the 13-year-old operating system (OS) that still runs on an estimated 300 million PCs worldwide - would likely drive a wave of upgrades.
Today, I am laying out the choice landscape for Windows users and recommending various alternatives based on different scenarios.
For those people stuck with XP - for economic, corporate policy, or other reasons - the best thing to do is switch to another browser, either Google Chrome or Mozilla's Firefox. I personally use Chrome.
Microsoft did issue an XP patch for the flaw, primarily because it is major (conferring admin rights on enterprising hackers), its effect is widespread (affecting the approximately 55% of the browser market that uses IE on all platforms), and exploits have occurred in the wild, notably the mysteriously named Operation Clandestine Fox, which seems to be targeting defense and financial organizations to gather "broad-spectrum" intelligence.
However, no one expects Microsoft to continue nursing Windows XP for much longer. Using stupid math, 55% of 300 million (XP users who browse with IE) represents 165 million highly vulnerable systems. So, the real choice for XP/IE users is get off IE or get off XP, with the former being a free, quick fix and the latter being a better long-term solution that costs money, potentially an entirely new system.
For those who can afford it, upgrading from XP to Windows 7 (Win7) or Windows 8 (Win8) is the right move, particularly if the user wants to keep using IE. Win7 is familiar, looking and acting a lot like XP. Win8 is better for systems with touchscreens. In general, Win7 is the right choice for commercial users, while Win8 may be better for consumers.
Whatever else they decide to do, people who use IE should download the patch, which is simple enough. Use Windows Update, which can be invoked from the Control Panel if it is not set to download and install patches automatically. By now, most users should have received a notification that the new bits are available. Once in Update, check everything that says Internet Explorer on it and follow the instructions.
Some users might want to take this moment to move from XP to an entirely different platform. Doing a zero-based assessment could yield a non-Microsoft recommendation. After all, if the upgrade involves buying new hardware, it's worth looking at the entire field. For example, if an individual or company can do all right with Google Docs, a switch to a Chromebook might be a good move. Chrome OS users store their data and do most of their computing in the cloud. Alternatively, Apple's ecosystem holds appeal for many, particularly consumers. Mac OS is robust, and Safari has not been plagued by the level of intrusion visited upon IE.
At this point, it is worth noting that all browsers are vulnerable, and that the main reason IE has been targeted more often is that most of the valuable data moving around the Internet is still coming from Windows systems with IE. That having been said, developers who work in all environments have noted that IE is more complex and brittle than other browsers, creating plenty of opportunities for exploiters.
To summarize, then, first off, install the patch; second, get off XP if possible; if not, get off IE; finally, while contemplating an upgrade, look at all the alternatives.
No comments:
Post a Comment