Microsoft issues fix for IE bug, includes Windows XP users

Microsoft, on Thursday, issued an update to fix a bug that let hackers gain access and user rights to computers. The company has said users of its Windows XP operating system will also get the security update it has issued to fix a flaw in the Internet Explorer browser.

Microsoft officially ended support for Windows XP on April 8. Earlier this week, Microsoft confirmed that it would not issue a fix for web browsers running on XP, which still accounts for 25 percent of the world’s PC’s.  However, the company decided to make an exception as the flaw was discovered just days after the support ended.

“Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP,” Adrienne Hall, general manager of Trustworthy Computing at Microsoft, said in a blog post.

“We made this exception based on the proximity to the end of support for Windows XP.”

The vulnerability was discovered earlier this week by cyber security software maker FireEye Inc. which stated the flaw is a ‘zero-day’ threat. This means the first attacks were made on the vulnerability before Microsoft was aware of it. The flaw affected Internet Explorer (IE) versions 6 to 11 and Microsoft said it was aware of “limited, targeted attacks” to exploit it.

On Thursday, Microsoft said its security update fixed the flaw.

“This update is fully tested and ready for release for all affected versions of the browser,”

“The majority of customers have automatic updates enabled and will not need to take any action because protections will be downloaded and installed automatically.”

Source: BBC