CHINA TOPIX

11/23/2024 02:53:27 pm


Microsoft Releases Internet Explorer Zero-day patch, Includes XP in Update


(Photo : Reuters) Microsoft confirmed Windows RT and the original Surface is dead.

Microsoft has released an emergency fix for the security flaw that affected all the desktop versions of the Internet Explorer (IE) Web browser. The firm also included Windows XP in the update even though it had already stopped supporting the outdated operating system (OS) on April 8.


The flaw was first revealed on April 26 and was known to be present in IE versions 6 to 11. The severity of the vulnerability prompted the US Department of Homeland Security to advise people to avoid using the browser until a security update was released, according to Tom's Guide.

Now that the patch has been released, the security update should install automatically if Automatic Updates is activated on a user's PC, the report said.

Hackers can exploit the IE flaw to control a user's computer and spread malicious programs. A secretive group was already using it to launch attacks on US firms when the American security firm FireEye discovered the vulnerability, the report stated.

Flaws that are of unknown origin and are being exploited by hackers are dubbed "zero days" because of the zero amount of time that experts have to beef up their defenses before the attack is launched, the report explained.

Microsoft usually issues patches on "Patch Tuesday," which falls on the first Tuesday of every month. However, the software giant stepped beyond its usual cycle by releasing the patch outside the Patch Tuesday schedule and by including Windows XP in the update, even though it had already halted patching for the outdated OS on April 8, the report detailed.

Although this is good news for the 20% to 30% of computer users worldwide who are still using Windows XP, future patches for that OS should not be expected. In fact, Dustin C. Childs of Microsoft encouraged customers to upgrade to a "modern operating system," the report relayed.

The flaw was originally used by a small group of hackers that hit specific targets in a campaign that FireEye called "Operation Clandestine Fox." Now that the flaw is publicly known, other cybercriminals could easily duplicate the campaign and exploit unpatched IE browsers, the report said.

Users who still have not enabled Automatic Updates on their PCs can manually install the fix and change the settings in System and Security to enable automatic installation of updates, wrote Tom's Guide.
