Microsoft Patches Windows XP With IE Update

Microsoft has rushed out an emergency fix for its Internet Explorer (IE) web browser, which included a fix for Windows XP users.

This fix for Windows XP users comes despite the fact that Microsoft officially ended support for the venerable operating system on 8 April.

Zero-Day Patch

Microsoft’s decision to provide an IE fix for the hundreds of millions of customers still running Windows XP, comes after it was alerted to a problem by cybersecurity firm FireEye.

It warned Redmond that a sophisticated group of hackers had exploited the IE bug to launch attacks in a campaign dubbed “Operation Clandestine Fox”. All versions of Internet Explorer, from 6 to 11, are affected.

On Wednesday Microsoft said its fix would not be available for Windows XP as it had stopped supporting that operating system. But on Thursday Microsoft had a change of heart, and revealed that the fix for the bug (via its automated Windows Update system) would also included a fix for XP customers.

Adrienne Hall, general manager of trustworthy computing at Microsoft explained on Thursday that the fix was being rolled out to customers via the automatic update service.

“One of the things that drove much of this coverage was that it coincided with the end of support for Windows XP,” explained Hall in a blog posting. “Of course we’re proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade.”

“Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today,” wrote Hall. “We made this exception based on the proximity to the end of support for Windows XP.”

Despite Microsoft’s reasoning to include a Windows XP fix because the problem came to light so soon after its support cut-off, there is little doubt that Redmond was under pressure to provide a fix because the British, American, and German governments had advised XP users this week to consider using an alternative browser to Internet Explorer until a fix was delivered.

Migrate Now

Microsoft’s Hall however feels that the exploit was over-hyped. “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown,” she wrote. “Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.”

And Hall warned that Windows XP users should still try and migrate to a newer operating system.

“Just because this update is out now doesn’t mean you should stop thinking about getting off Windows XP and moving to a newer version of Windows and the latest version of Internet Explorer,” wrote Hall.

It was only in February that Microsoft warned of another zero-day vulnerability in Internet Explorer.

Are you a security expert? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

View Comments

  • Virus scanning no longer performed by the browser. It is now a task voor the provider and the message switching telecom. IE is now simplified and can stay.
    I will keep XP and the automatic updates. There is nothing wrong and I expect a major upgrade this year.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago