Microsoft issues patch for Internet Explorer exploit, including a fix for Windows XP users

Thursday 01 May 2014 21.53
Microsoft had initially said it would not fix the problem for XP users, but later changed tact
Microsoft had initially said it would not fix the problem for XP users, but later changed tact

Microsoft has issued an emergency update to patch a significant vulnerability in its Internet Explorer web browser, which allowed hackers access users’ computer systems. 

The update will also be made available to the hundreds of millions of customers still running its Windows XP operating system, support for which was discontinued on 8 April. 

The software giant rushed to create the fix after learning of the bug in the operating system last weekend.

Cyber-security firm FireEye had warned that a sophisticated group of hackers had used the exploited to launch attacks on US companies in a campaign dubbed "OperationClandestine Fox." 

The flaw led the US and British governments to advise computer users to consider using alternative web browsers until the bug was fixed. 

It was the first high-profile threat to emerge after the software maker stopped providing support to the 13-year-old Windows XP operating system. 

Microsoft said in a statement yesterday that it would not provide the remedy to XP users because it had stopped supporting the product. 

But in a blog post this evening, the company said it had issued a software update to patch the flaw and that it would also be available to XP users. 

It is estimated that 15-25% of computer users around the world still use XP, with that number at around 8% here in Ireland.

Microsoft said it had made this exception based on the proximity to the end of support for Windows XP. It added that the reality was that there have been a very small number of attacks based on this particular vulnerability and concerns were overblown.  

However, it said that just because the update is out, does not mean users should stop thinking about getting off Windows XP and moving to a newer operating system and web browser.

Microsoft said users with automatic updates turned on would not have to do anything to receive the Internet Explorer patch.

However those using manual updates would need to go to the ‘Windows Update’ portion of their computer’s control panel and click ‘Check for Updates’.