On Saturday Microsoft warned for a mayor security vulnerability affecting all Internet Explorer versions from IE6 to IE11, later today they'll release a fix.
The vulnerability is one of the larger vulnerabilities we've seen recently, even the US Government adviced not to use IE anymore because of this. Up to 25% of Internet users are affected by this. Due to the severity of this exploit Microsoft decided to release an out-of-cycle security patch, even for Windows XP users.
The exploit allows malicious websites to install malware in your PC and execute it with the same rights as a regular user, if an administrator account gets compromised, the malware can take over the entire PC. Microsoft decided to fix this vulnerability through an out-of-cycle update, which will be released later today, at approximately 10 a.m. PDT. The update will be automatically downloaded and installed through Windows Update as soon as it is available.
Although Microsoft has officially ended support for Windows XP on April 8th, they decided to release this update for Windows XP users anyway. Microsoft didn't give a specific reason why they are releasing this patch for XP, but they did write this in their blogpost:
"We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11."
Whether Microsoft will release any other critical fixes for Windows XP in the future remains to be seen.
Source: Microsoft Security Response Center (via: Neowin)
