Microsoft rushes to fix Internet Explorer bug; no fix for Windows XP users

mmadhankumar

The Earth will be better without Us..
Staff member
Community Manager
Joined
6 May 2012
Messages
4,944
Solutions
6
Reaction score
8,449
micro300.jpg


Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some US companies.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP.

Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

Cybersecurity software maker FireEye Inc said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed "Operation Clandestine Fox."

FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or identify the group of hackers, saying that an investigation into the matter is still active.

"It's a campaign of targeted attacks seemingly against US-based firms, currently tied to defense and financial sectors," FireEye spokesman Vitor De Souza said via email. "It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."

He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, then do things such as viewing changing, or deleting data, installing malicious programs, or creating accounts that would give hackers full user rights.


FireEye and Microsoft have not provided much information about the security flaw or the approach that hackers could use to figure out how to exploit it, said Aviv Raff, chief technology officer of cybersecurity firm Seculert.

Yet other groups of hackers are now racing to learn more about it so they can launch similar attacks before Microsoft prepares a security update, Raff said.

"Microsoft should move fast," he said. "This will snowball."

Still, he cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.

The software maker said in a statement to Reuters that it advises Windows XP users to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.


http://zeenews.india.com/business/news/technology/microsoft-rushes-to-fix-internet-explorer-bug-no-fix-for-windows-xp-users_98484.html
 
  • Like
Reactions: Omi
IE comes with Win7. But I never used it. Some of my friends use Firefox. But I am more that happy with Chrome 34.
 
IE bug fix released by Microsoft for Windows XP users


Microsoft is helping the estimated hundreds of millions of customers still running Windows XP, which it stopped supporting earlier this month, by providing an emergency update to fix a critical bug in its Internet Explorer browser.

Microsoft rushed to create the fix after learning of the bug in the operating system over the weekend when cybersecurity firm FireEye warned that a sophisticated group of hackers had exploited the bug to launch attacks in a campaign dubbed “Operation Clandestine Fox.”

It was the first high-profile threat to emerge after Microsoft stopped providing support to its 13-year-old XP operating software on April 8.

Microsoft on Wednesday initially said it would not provide the remedy to Windows XP users because it had stopped supporting the product. But on Thursday, as Microsoft started releasing the fix for the bug through its automated Windows Update system, a company spokeswoman said the remedy also would be pushed out to XP customers.

“We decided to fix it, fix it fast, and fix it for all our customers,” spokeswoman Adrienne Hall said on Microsoft’s official blog.

She said there had not been many attacks exploiting the vulnerability, which Microsoft decided to patch in XP “based on the proximity” to its recent end of support.

“There have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown,” she said in the blog.

At the end of last week, FireEye initially uncovered attacks involving recent versions of Windows that are still supported by Microsoft.

Then, three days ago, it began identifying attacks on Windows XP, which users would not necessarily have been able to thwart if Microsoft had not decided to roll out the update to XP users in addition to other customers.


Read Full Here
 
Finally the fix reached me :lol:lol:k:k

image.png
 
Back
Top Bottom
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock