Microsoft has rushed out an emergency fix for its Internet Explorer (IE) web browser, which included a fix for Windows XP users.
This fix for Windows XP users comes despite the fact that Microsoft officially ended support for the venerable operating system on 8 April.
Microsoft’s decision to provide an IE fix for the hundreds of millions of customers still running Windows XP, comes after it was alerted to a problem by cybersecurity firm FireEye.
On Wednesday Microsoft said its fix would not be available for Windows XP as it had stopped supporting that operating system. But on Thursday Microsoft had a change of heart, and revealed that the fix for the bug (via its automated Windows Update system) would also included a fix for XP customers.
Adrienne Hall, general manager of trustworthy computing at Microsoft explained on Thursday that the fix was being rolled out to customers via the automatic update service.
“One of the things that drove much of this coverage was that it coincided with the end of support for Windows XP,” explained Hall in a blog posting. “Of course we’re proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade.”
“Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today,” wrote Hall. “We made this exception based on the proximity to the end of support for Windows XP.”
Despite Microsoft’s reasoning to include a Windows XP fix because the problem came to light so soon after its support cut-off, there is little doubt that Redmond was under pressure to provide a fix because the British, American, and German governments had advised XP users this week to consider using an alternative browser to Internet Explorer until a fix was delivered.
Microsoft’s Hall however feels that the exploit was over-hyped. “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown,” she wrote. “Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.”
And Hall warned that Windows XP users should still try and migrate to a newer operating system.
“Just because this update is out now doesn’t mean you should stop thinking about getting off Windows XP and moving to a newer version of Windows and the latest version of Internet Explorer,” wrote Hall.
It was only in February that Microsoft warned of another zero-day vulnerability in Internet Explorer.
Are you a security expert? Try our quiz!
AI push sees Alphabet's Google saying it will consolidate its AI teams in its Research…
Beijing orders Apple to pull Meta's WhatsApp and Threads from its Chinese App Store over…
Key milestone sees Intel Foundry assemble ASML's new “High NA EUV” lithography tool, to begin…
Oracle's huge AI, Cloud investment in Japan will meet growing local demand and address digital…
People who create sexually explicit ‘deepfakes’ of adults will face prosecution under a new law…
Protest at cloud contract with Israel results in staff firings, in addition to layoffs of…
View Comments
Virus scanning no longer performed by the browser. It is now a task voor the provider and the message switching telecom. IE is now simplified and can stay.
I will keep XP and the automatic updates. There is nothing wrong and I expect a major upgrade this year.