Microsoft releases patch for IE bug, fixes Windows XP too
Microsoft has released an emergency update for a recently-discovered vulnerability in its Internet Explorer browser. All versions of the still-popular Web browser are affected by the bug, including IE 6 through IE 8 which are the versions that ship with Windows XP.
The official Microsoft (NASDAQ: MSFT) patch was delivered out-of-cycle from the company's regular Patch Tuesday update yesterday, and importantly, also resolves it for all recent of Windows, including the no-longer-supported Windows XP. The update is delivered automatically to PCs with Windows configured to receive automatic updates, and should be applied as soon as possible against a backdrop of increased number of attempts by hackers to exploit it.
Adrienne Hall, the general manager of trustworthy computing for Microsoft, explained the apparently about-turn in a blog entry: "Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we've decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP."
In my editorial last week, I highlighted how the recently discovered zero-day Internet Explorer flaw shows that Windows XP is nothing more than a dead man walking, and how enterprises should upgrade as soon as possible. Unfortunately, recent reports of the small 1.4 percent dip in the market share of Windows XP post-April 8 show that the move away from it is still happening incredibly slowly.