Windows XP users are getting their first taste of life without security updates after the discovery of a major flaw within the Internet Explorer Web browser.
Microsoft Corp. issued a warning regarding the flaw this weekend, saying it affects Internet Explorer versions 6 through 11. The vulnerability makes it possible for hackers to take control of a user’s computer after it has been infected with malicious code.
The bug was discovered by FireEye, a security company, which said hackers are sending out e-mails with links to websites that contain malicious code. If users click on a link to one of these websites while using Internet Explorer, it is likely that hackers will gain control of their machines.
For now, security experts advise that Windows users avoid Internet Explorer until Microsoft issues a patch for the problem, which will likely happen May 13. But that patch won’t protect users of Windows XP.
That’s because Microsoft stopped supporting Windows XP earlier this month. After 13 years of maintaining Windows XP, Microsoft said it would no longer issue security updates.
“This is the first critical Internet Explorer exploit that will not be fixed for Windows XP users ever,” said Bogdan Botezatu, a senior e-threat analyst at Bitdefender, a security firm. “This exploit will stay working forever — until [Windows XP users] move to a different operating system.”
Botezatu recommends that Windows XP users do not use Internet Explorer ever again. Those who wish to remain on Windows XP should use Web browsers that still support the outdated operating system, such as Firefox or Google Chrome.