XP included in urgent Internet Explorer security patch

By

Critical vulnerability plugged.

Microsoft has decided to include its old Windows XP operating system in its out-of-band security patch for the built-in Internet Explorer web browser, released today via Windows Update.

XP included in urgent Internet Explorer security patch

Microsoft's Trustworthy Computing group manager of response communications, Dustin Childs, urged customers to apply the fully tested update as quickly as possible.

"Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11," Childs wrote.

The security update MS14-012 was labelled critical by Microsoft.

It plugs a serious vulnerability that allowed remote code execution using malicious web pages loaded in Internet Explorer versions 6 to 11, which are bundled with Windows, XP onwards to Windows 8.1.

Windows Server variants with Internet Explorer are also affected, but the vulnerability is only labelled moderate by Microsoft for those products due to built-in mitigation techniques.

According to Microsoft, Windows 7 users may find that unless they have security update 2929437 installed - which was issued on April 8 this year - Internet Explorer will crash when trying to install today's patch.

Installing 2929437 fixes the problem. Users can also install update 2964444 instead of applying today's patch.

Microsoft will hold a webcast tomorrow at 3pm AEST to discuss the technical details of the update.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?