After a critical security bug was found in Internet Explorer, hackers began to exploit the web browser’s hole. The extreme susceptibility led to a substantial increase in virus attacks in IE, versions 6 through 11. The bug leaves an estimated 26 percent of IE open to attackers. Microsoft has acted quickly to patch this hole, rolling out an update to all their active operating systems.
However, the unexpected has happened. Microsoft has also allowed the update to go to Windows XP, despite the company retiring the 13-year-old operating system on April 8. Microsoft has even gone as far as posting a blog, with an explanation behind the update for the recently deceased OS.
Andrienne Hall, general manager at Microsoft’s Trustworthy Computing wrote, “Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP.”
Despite this update to Windows XP, Hall warns those using Windows XP to not take this as a sign that users can stick with OS, recommending that they move to Windows 7 or 8, with supported and more secure versions of Internet Explorer. “Of course we’re proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade,” Hall stated.
Microsoft stopped supporting and updating Windows XP as soon as the OS was retired on April 8, but this exception poses the question of whether or not we might see other critical patches to Windows XP in the future. Though Microsoft has dropped support of Windows XP, many are still clinging onto the operating system, making it hard for Microsoft to shift their full attention to their newer systems. In fact, a reported 28 percent of web users still operate on Windows XP.
News coverage has escalated matters, focusing on the vulnerability of Windows XP, which may have led to the decision to update the OS. Hackers can more easily bypass security measures in the XP, which have been strengthened in later versions of Windows. This meant that attacks were more likely with Windows XP, but Hall addressed this matter by saying, “The reality is there’ve been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately, this is a sign of the times and this isn’t to say we don’t take these reports seriously. We absolutely do.”
Originally, vulnerabilities were found only in versions 9 through 11 of Internet Explorer, but Microsoft has recently added the XP-supported IE 8.
Will Microsoft finally prevent users, media from reanimating the XP corpse, or will we see the walking dead for a time to come?