0-Day Internet Explorer Vulnerability Patch Ships Today … Even for XP

It’s not too surprising that Microsoft has acted quickly to address the 0-day vulnerability in IE … it is kind of surprising that the patch also covers XP, a platform that Microsoft recently ceased to support.

You may have read about the latest detected 0-day vulnerability in Microsoft’s Internet Explorer that is affecting all versions of the browser regardless of operating system. If not, read this post that explains how you can protect your version of Internet Explorer so that the vulnerability cannot exploited on your system. Many news sites stated that this would be the first vulnerability that would not be fixed anymore for Windows XP after support of the operating system ended earlier this month.

This is however apparently not the case.

Microsoft announced an out-of-band release to address the vulnerability, and surprisingly included a patch for Windows XP as well.

We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11.

This means that last patch Tuesday was not the last patch day for Windows XP after all. While this is likely an exception rather than something that Microsoft will continue to do, it is nevertheless interesting that the company decided to release the XP patch.

security update

Considering that XP usage numbers are still high, it is definitely a good move by Microsoft that is appreciated by many Windows XP users and system administrators who manage systems running the OS.

Microsoft will release the patch for all Windows operating systems later today. If you have automatic updates enabled you will receive the update this way. The update is marked as important, and a check right now listed it as one of the available updates already.

Note that Windows’ automatic update feature may not check for updates right away. If you use Internet Explorer regularly, it is suggested to check for updates manually instead.

If you do not use Windows Update, download the update for your operating system from Microsoft’s Security Bulletin page instead.

Microsoft notes that users should install the latest cumulative update for Internet Explorer before they install the new update as users may notice compatibility issues otherwise.

Internet Explorer 11 users who use Windows 8 need to have the 2919355 update installed prior to installing the newly released update by Microsoft.

Additional information about requirements and the update itself are available on the security bulletin page linked above.

Link to Original Content

Tags: , , , ,

Comments are closed.