Microsoft Issues Advisory For Internet Explorer Vulnerability 152
jones_supa (887896) writes "Neowin reports how Microsoft made a rare weekend post on its Security Response Center blog to announce an advisory that affects all currently supported versions of Internet Explorer (versions 6 to 11). The issue is based on a newly discovered exploit that could be used against the web browser. The vulnerability exists in the way that IE accesses an object in memory that has been deleted or has not been properly allocated. Memory may be corrupted in a way that could allow an attacker to execute arbitrary code in the context of the current user. Microsoft is aware of 'limited, targeted attacks' that have used the exploit. IE 10 and 11 are protected against attacks using this exploit if they have their Enhanced Protected Mode turned on. Also, PCs that have either the Enhanced Mitigation Experience Toolkit 4.1 or the EMET 5.0 Technical Preview installed are also secured against this security hole. Microsoft will take the appropriate action to protect its customers by delivering a security update."
Re:Windows XP (Score:2, Insightful)
Not really, it's just as relevant. XP is 12 years old, hasn't been on sale for about 5 years, and is no longer supported. There are multiple upgrade paths including Windows 7, Windows 8, OS X (well, if you buy a Mac) and even Linux. If the Linux Kernel team isn't expected to continue patching the 2.4 kernel, why should Microsoft be expected to keep patching XP?