Posted by Matt Seber on Friday, May 2, 2014
Microsoft has finally pushed out a patch for the latest critical Internet Explorer (IE) bug that has left all users of IE 6 though IE11 versions seriously vulnerable to security threats. The recently rolled out IE patch also covered the company's outdated Operating System Windows XP.
The vulnerability was first disclosed last Sunday, 26th of April. It was deemed so severe that the US Department of Homeland Security even suggested people to stop using Internet Explorer and use other alternative browsers, like Mozilla Firefox and Google Chrome until Microsoft could come up with a fix.
Responding to the IE users' outcry, the software giant is now rolling out a patch, which will automatically be installed on PCs that have Automatic Updates enabled.
The latest IE flaw has purportedly exposed IE users to potential remote attackers. It specifically gives hackers access to a user's computer, allowing them to install more malicious software onto the system.
The first reported exploit was done by a covert group, likely believed to be foreign spies. The said group was purportedly taking advantage of the flaw to assault U.S. companies when a Milpitas, California-based security firm FireEye perceived it.
More of the good news is that Microsoft did roll out this patch to fix the same flaw in Windows XP, despite the fact that the company has already stopped supporting the OS since Tuesday. This simply means that owners of around 20-30 percent of computers worldwide would still able to get a fix for the latest IE flaw.
Microsoft however said that this would be the last patch it will offer to XP users and that the latter shouldn't expect to get more patches from the company in the future.
In a statement posted on the company's TechNet blog, Microsoft's Dustin C. Childs has explicated the company grounds for offering patches to Windows XP users:
"We made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system."
While this flaw was just exploited for a very specific target by a small group of attackers, its public disclosure has given cybercriminals a hint to easily create their own exploits that could possibly put all IE users of unpatched browser versions vulnerable to future grim assaults.
To get the latest IE patch from Microsoft, please enable the Automatic Updates on your computer and the update will automatically install.
Users who have not enabled Automatic Updates on their computer would need to manually install the latest patch.
1. Go to your PC's Control Panel
2. Select System and Security option
3. Go to Windows Update
4. Manually install the patch
5. Click Change Settings in Windows Update
6. Select the option that says "Install Updates Automatically"