Microsoft’s Internet Explorer Security Flaw: An MSP Guide
UPDATE: As pointed out in the comments, this flaw has been fixed by Microsoft and an update to WindowsXP made available.
One could fairly state that Microsoft isn’t having the best time of it at the moment. Windows 8 is proving about as popular as Windows Vista (which obviously isn’t a good thing), and many people are seeking alternatives to Microsoft Office in protest at the company’s withdrawal of support for Office 2003, and their transparent attempts to persuade people to switch to the subscription-based Office 365.
As if all this weren’t enough, on April 28th the US government officially warned citizens to stop using the Internet Explorer browser due to a major security flaw.
At the time of writing, the security vulnerability has still not been patched. Microsoft have provided an extensive guide to “working around” the flaw, but the list of “suggested actions” is long and technical, and likely to put off all but the most determined techies.
Although most technical people switched away from IE long ago, the browser still has a considerable market share of around 20%, based on the latest figures shown on Wikipedia. One must assume that the majority of people still using it are either those in Windows-based business environments where only IE is available, or technical novices who don’t know how to switch.
So, what should you do about all of this if you are running an MSP business? Here are some suggestions:
Tell Your Customers
Alert your customers to the details of the flaw, and assist users in starting to use a browser like Chrome or Firefox instead. Many studies show that these browsers are faster and more effective anyway, and websites that only work effectively under IE and now few and far between. Even the Office 365 interface now works fine under Chrome, for example.
Stay Up to Date
Keep in touch with technical articles and be ready to roll out the inevitable security patch as and when it appears.
Look Out for XP
Be particularly wary if you have any customers who are still running the (now unsupported) Windows XP operating system. Unless customers have purchased extended XP support contracts, there will never be a patch for this issue. Furthermore, one would have to be very naïve to think that hackers won’t immediately work to “reverse engineer” the patch as soon as it becomes available—and go on to exploit it.
A Revenue Opportunity
Make use of the high-profile nature of this news story to shock stubborn clients into submission with regard to upgrading aging infrastructure. There’s a revenue opportunity for all MSPs here, who will also benefit from not having to support old environments that are already proving to create troublesome challenges.
This new Internet Explorer vulnerability is terrible news for Microsoft. People who have continued to use IE will probably not wish to switch back from the likes of Chrome or Firefox once the hole is patched, especially once they’ve become used to superior performance and functionality. It seems that Microsoft are losing their grip on yet another part of people’s everyday computing experience.