IT Brief New Zealand - Technology news for CIOs & IT decision-makers
Story image
Windows XP users exposed as Internet Explorer comes under attack
Tue, 29th Apr 2014
FYI, this story is more than a year old

Windows XP is experiencing the first zero-day vulnerability that is not patched for Windows XP users, as all versions of Internet Explorer come under threat.

Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks, an issue security expert Symantec is aware of.

There is currently no patch available for this vulnerability and Redmond has not at the time of writing provided a release date for one.

"Our testing confirmed that the vulnerability crashes Internet Explorer on Windows XP," Symantec says.

"This will be the first zero-day vulnerability that is not be patched for Windows XP users, as Microsoft ended support for the operating system on April 8 2014.

"However, Microsoft stated that versions of its Enhanced Mitigation Experience Toolkit (EMET) 4.1, which is supported by Windows XP and above can mitigate this Internet Explorer vulnerability.

"Besides using EMET, Symantec Security Response encourages users to temporarily switch to a different Web browser until a patch is made available by the vendor."