At 1PM Pacific time on Thursday, Microsoft will release an update to address the zero day vulnerability recently disclosed in all versions of Internet Explorer. The advance notification of the update lists Windows XP as among the affected platforms, indicating that it will be among the platforms patched, in spite of its support period ending weeks ago.
Adrienne Hall, General Manager, Microsoft Trustworthy Computing stated "[T]he security of our products is something we take incredibly seriously. When we saw the first reports about this vulnerability we decided to fix it, fix it fast, and fix it for all our customers."
Users with Automatic Updates enabled do not have to do anything, although running Windows Update will apply the fix immediately.
In a blog entry, Hall explains Microsoft's approach, which mostly is to urge users to move on from Windows XP. The company decided to move quickly when they were made aware of this vulnerability and to patch Windows XP because of the proximity to its end of support period.
Further information on the update may be found at KB2964358. Among the advice there, IE will crash if you install the update on a Windows 7 system whch does not have KB2929437 installed.
If you use Windows Update these determinations and appropriate installations will be made automatically. Otherwise, follow the instructions in KB2964358.
No comments:
Post a Comment