Microsoft Patches IE Zero Day

Friday, May 2, 2014 @ 05:05 PM gHale


Microsoft released a security update that goes toward resolving a flaw in Internet Explorer discovered last week and said to affect all Windows versions, including Windows XP.

The company said in an updated statement the new patch is automatically going out via Windows Update to all machines running any of the affected Internet Explorer versions, so make sure that you install the available fix to stay on the safe side.

RELATED STORIES
Zero Day for Internet Explorer
Adobe Fixes Flash Zero Day
DDoS Techniques Changing
SQL Injection Attacks Still Fierce

“This update is fully tested and ready for release for all affected versions of the browser. The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically. If you’re unsure if you have automatic updates, or you haven’t enabled Automatic Update, now is the time,” Microsoft said in the advisory.

“For those manually updating, we strongly encourage you to apply this update as quickly as possible following the directions in the released security bulletin.”

An important issue is Windows XP also received the patch, although this particular operating system already reached end of support on April 8.

Microsoft previously said that without fixes, Windows XP could easily end up hijacked if someone finds an unpatched vulnerability in the operating system, but the company decided to fix this Zero Day to make sure that millions of consumers still running this OS version end up protected.

“We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11,” the company said.

Microsoft said this Internet Explorer Zero Day would require an attacker to get the user on a malicious website hosting malware supposed to exploit the flaw and thus allow him to get the same privileges as the logged-in user.



Leave a Reply

You must be logged in to post a comment.