Despite end of support, Microsoft has patched Windows XP's browser

[Scorpus]

Following the discovery of a critical, 0-day vulnerability affecting all versions of Internet Explorer, Microsoft has decided to release an emergency update that addresses the security issue. The patch has been issued for all of Microsoft's recent operating systems including Windows XP, despite the fact all support for the 13-year-old OS ended on April 8.

The update has been released outside of Microsoft's usual Patch Tuesday schedule due to the seriousness of the vulnerability. Reports indicate that the flaw is currently being exploited in the wild, and, as it affects Internet Explorer 6 through 11, more than one quarter of all internet users are vulnerable.

The 0-day vulnerability could give an attacker full user rights on the victim's PC, allowing them to install malicious programs, access and delete data, or steal sensitive information. A user would simply have to load a booby-trapped website that exploits the flaw in Internet Explorer for the attacker to gain access.

Even though the security flaw has potentially dire consequences, and it's currently being exploited in the wild, Microsoft's Adrienne Hall downplayed the issues. "The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown," she said in a blog post. "[This] is not to say we don’t take these reports seriously. We absolutely do."

The choice to patch Windows XP alongside newer, and much more secure operating systems like Windows 8.1 and Windows 7 is an interesting one. On the one hand, Microsoft has a responsibility to patch flaws that could seriously affect users of their operating system. On the other, Microsoft has reduced the incentive to depart the outdated and insecure OS, which users have had more than 7 years to do.

Will this be the final patch for Windows XP, or can we expect more down the track?

Permalink to story.

https://www.techspot.com/news/56616-despite-end-of-support-microsoft-has-patched-windows-xps-browser.html

 

[Skidmarksdeluxe]

MS should support XP until the release of their next OS which hopefully will be better received than Win 8 then they could see a mass migratory from XP at which point they can then euthanase it.

 

[LNCPapa]

This should have happened with Win7. People don't like change.

 

[Heihachi1337]

MS should support XP until the release of their next OS which hopefully will be better received than Win 8 then they could see a mass migratory from XP at which point they can then euthanase it.

Or those folks that remained with Windows XP should have upgraded to Windows 7 already.
Can't help but notice you comment to bash on Windows 8, but fail to mention anything about 7.
Keep coming up with excuses to remain with a dinosaur OS with dated security though.

 

[drjekel_mrhyde]

MS should support XP until the release of their next OS which hopefully will be better received than Win 8 then they could see a mass migratory from XP at which point they can then euthanase it.

Should they support 98' till Windows 12 also? XP should've been put to death two years ago.

 

[GhostRyder]

I have very little sympathy for the people still running XP in any environment. Its feature set is dated and it was released in October of 2001 to the general public which is over 12 years old now. People if they didn't want Vista should have upgraded when 7 came out and such instead of waiting and now using the excuse that Windows 8 is not their cup of tea to upgrade.

Im sorry, I loved XP as well but it was time to move on awhile ago. Im surprised Microsoft actually patched something for XP even after its EOL which was a nice gesture by Microsoft.

 

[Guest]

To all the MS toadies who are actively promoting the abortion of an O.S. known as Windows 8 I have a news flash - the patch was for MS Explorer, not XP.

 

[VitalyT]

What most people here do not realize is that there are many PC-s out there created for very specific tasks, pre-installed with specific software to do just that, serving as stand-alone nodes.

Examples: Geo and Weather Monitoring, Gas & Electrical control nodes, Static access triggers (non-user), etc... lots of automated-processing and SCADA-dedicated machines.

Those were fine-tuned and deployed ages ago, and most have either none or very basic Internet connectivity. Nobody is going to update OS on those machines until the day when they die completely, which may take another decade.

This is simply the reality that won't be changed by the "concerned views" of the side observers who like pointing fingers. And it is going to stay this way.

 

[Skidmarksdeluxe]

Or those folks that remained with Windows XP should have upgraded to Windows 7 already.
Can't help but notice you comment to bash on Windows 8, but fail to mention anything about 7.
Keep coming up with excuses to remain with a dinosaur OS with dated security though.

I wouldn't say that, I'm still happy with Win 95.

 

[Nobina]

I have very little sympathy for the people still running XP in any environment. Its feature set is dated and it was released in October of 2001 to the general public which is over 12 years old now. People if they didn't want Vista should have upgraded when 7 came out and such instead of waiting and now using the excuse that Windows 8 is not their cup of tea to upgrade.

Im sorry, I loved XP as well but it was time to move on awhile ago. Im surprised Microsoft actually patched something for XP even after its EOL which was a nice gesture by Microsoft.

Not everyone cares about which OS they have as long as it works. I guess XP works for some people and they don't care for other OSes, or don't even know what OS is cause they don't follow tech related stuff. Also, In poorer countries, people use ~10 year old PCs and Windows 7 won't run on them or they don't care to give money for it.

 

[GhostRyder]

Not everyone cares about which OS they have as long as it works. I guess XP works for some people and they don't care for other OSes, or don't even know what OS is cause they don't follow tech related stuff. Also, In poorer countries, people use ~10 year old PCs and Windows 7 won't run on them or they don't care to give money for it.

If you don't care though then losing support should not matter to you because your not changing much anyways. Fact is no company including Microsoft should be forced to support a really old version of their OS because some people want to change. It was nice of them to update the browser issue, but the fact remains XP is over 10 years old and they can't focus on every OS they have made. They eventually have to move on and people will eventually have to as well (for the people that do not do much and just need it for basic tasks, nothing is going to change anyways).

I wouldn't say that, I'm still happy with Win 95.

Rofl

 

[Gaara]

This is Great thank you MS!!!

 

[Guest]

This should have happened with Win7. People don't like change.

People who don't like change are idi0ts, plain and simple.

 

[treetops]

That's nice of them, perhaps they should hand over the xp reigns to a none profit organization, a college or something. Or maybe techspot lol. Anyways some people still have very old rigs like my gran pa, dad, sister. They use it to look at family photos and research topics on the web. These old rigs do not even meet the requ of windows 7. I guess I can give them linux or something idk.

I love windows 7, but a ton of people still use xp. I know microsoft needs to make its money. Oh well.

 

[cliffordcooley]

I have very little sympathy for the people still running XP in any environment.

Not everyone can afford to replace each and every one of their devices. I agree that we should move on and stop supporting XP, but to say you have little sympathy for those who have little choice is ______ (I'll let you fill in the blank).

 

[CrisisDog]

I think MS should have enabled a subscription program for XP, just like Adobe has for its CS suite, or many antivirus companies do to keep you up to date with definitions. Granted, I would not want to see a brand new OS on subscription, but once "end of life" is reached, continued support would need to be paid for. A lot of corporate companies would probably have jumped on this, as they paid more to hire contractors in to help rush in an upgrade to something a little more recent. This is basically what the British government has ended up doing for continued support, but at a higher cost as they and very few others have required continued updates until they finish their conversions. If more companies were to jump in, with Microsoft hopefully lowering the cost due to additional demand, I think it would have worked.

 

[GhostRyder]

Not everyone can afford to replace each and every one of their devices. I agree that we should move on and stop supporting XP, but to say you have little sympathy for those who have little choice is ______ (I'll let you fill in the blank).

Who are you referring to? For the home user the end of support won't mean much because I highly doubt it would matter or change anything.

For the businesses I stand by what I said. That OS is 12 years old and there have been 3 other versions released. Businesses choose to stay and not pay to upgrade their software and run dated systems that break down all the time. I see it every day and it's annoying beyond belief. They have known this would eventually happen which is why I have no sympathy for them and the complaints. Custom software or not, these companies should not be so shocked and upset about microsoft not wanting to work on an os that's over 10 years old.

If we were talking about 7, I would have loads of sympathy since it's not that old.

 

[Skidmarksdeluxe]

Or those folks that remained with Windows XP should have upgraded to Windows 7 already.
Can't help but notice you comment to bash on Windows 8, but fail to mention anything about 7.
Keep coming up with excuses to remain with a dinosaur OS with dated security though.

I use Win 8 but I was also telling it like it really is. You've gotta admit they didn't outdo themselves on the desktop version but the mobile version (non RT) is OK. Contrary to popular belief the desktop is far from dead and it wouldn't surprise me at all if it long outlives it's mobile counterparts as we know them now.

 

[Ultraman1966]

Having used Win 8 since launch I can tell you that I have warmed to it and the last two major updates have made great strides in improving the desktop UI. Fact is that on desktop it is almost identical to Win 7. It is a very good OS which actually has LOWER hardware requirements than Win 7. Most who bash it have had little to no experience of using it. Btw, people who are home users with XP could try switching to Ubuntu/Lubuntu etc but having had first experience of putting it on several of my colleague's old laptops, it can be quite a dog if you're not very tech savvy.

 

[Sunny87]

What most people here do not realize is that there are many PC-s out there created for very specific tasks, pre-installed with specific software to do just that, serving as stand-alone nodes.

Examples: Geo and Weather Monitoring, Gas & Electrical control nodes, Static access triggers (non-user), etc... lots of automated-processing and SCADA-dedicated machines.

Those were fine-tuned and deployed ages ago, and most have either none or very basic Internet connectivity. Nobody is going to update OS on those machines until the day when they die completely, which may take another decade.

This is simply the reality that won't be changed by the "concerned views" of the side observers who like pointing fingers. And it is going to stay this way.

I was just going to say that loads of cisco BMS systems have very very low tech hardware with no internet connection that run XP on PIII machines the only time they will die is when they won't be able to activate win XP after the system fails and needs a rebuild.

What's more troubling for me is the use of Windows XP in ATM/Cash Machines as I'm sure they require some VPN connection into a server that will have internet conection, I know it can be disabled but surely the OS upgrade should have been done years ago.

I know BT are looking to experiment with Win7 Starter for their BMS systems alongside CISCO, I don't imagine for one minute that would work very well maybe a pro version of 7 stripped down to basic installation.

As stated this is not an OS issue but more a product issue, it's like saying I've made this software compatible with Windows OS's you've spent 1000's on it but won't update it because you're running it on XP.
As it clearly states that those browsers are XP compatible then the software should be patched regardless of OS, if the OS was incompatible with XP then I get it but it is so support for the software itself should exist not necessarily the OS as that's well old hat to me.

 

[cliffordcooley]

Having used Win 8 since launch <snip> Most who bash it have had little to no experience of using it. <snip>

For me personally that's because Windows 7 looks better. I don't want an experience with the cosmetic trash called Windows 8. Was that bashing enough for you? I hate people saying crap like "try it, you might like it". That's bullshiit! The thing about cosmetics, you don't have to try it, once you've seen it to know. I have Windows 7 and would go back to Windows XP before using Windows 8.

I know BT are looking to experiment with Win7 Starter for their BMS systems alongside CISCO, I don't imagine for one minute that would work very well maybe a pro version of 7 stripped down to basic installation.

They should go ahead and use Windows 8 if that is all they want.

 

[captaincranky]

You know, they're still talking about this vulnerability affecting IE-6!

Dudes, if anyone is still using IE-6, they deserve whatever manner of ill fate which befalls them.

You say, (tearfully), "my bank account is empty, after browsing with IE-6"! I say, "you got what was coming to you"

I'm not entirely sure you even have to have an internet connection with IE-6. You might get infected simply trying to launch that turd.

Having used Win 8 since launch I can tell you that I have warmed to it and the last two major updates have made great strides in improving the desktop UI. Fact is that on desktop it is almost identical to Win 7. It is a very good OS which actually has LOWER hardware requirements than Win 7. Most who bash it have had little to no experience of using it. Btw, people who are home users with XP could try switching to Ubuntu/Lubuntu etc but having had first experience of putting it on several of my colleague's old laptops, it can be quite a dog if you're not very tech savvy.

I'm really tired of hearing, "how much better Windows 8 is, now that it looks and works like Windows 7". OTOH, that isn't as annoyingly stupid as, "you can buy add-ons to make Windows 8 look and work like Windows 7"
So I suppose we should all piss away at least a hundred bucks, to get a new OS which we should then retrofit, to make it work like the one we already have.

As far as the lower hardware requirements issue is concerned, face it, we all pretty much have more computing capability than we know what to do with. So, it follows logically that we can keep that hundred bucks in our pocket, and discount completely any capacity we're giving away by still using Windows 7.

When you come right down to it XP is the easiest to run, hardware wise, of the 4 latest M$ operating systems. In fact, it should be on a par with the latest versions of Ubuntu.

Windows XP was just too well designed. Yeah, that's right, and that's why so many people are still using it. The only really salient feature worth upgrading to Vista or Win 7, (at the time of their release), was the native SATA, or if you prefer, AHCI drivers, included with those 2 OS.

A lot of this is all really tedious. More often than not, these discussions devolve into a bunch of autocrats, talking down to XP users because they aren't brainwashed sufficiently, to start trumpeting the virtues of Windows 8, from atop the M$ bandwagon.

 

[Ultraman1966]

The Win 8 bandwagon? Get off your high horse, if you love XP so much then why are you even in a tech enthusiast website? XP was built more than 12 years ago in a completely different time, so many tech generations have passed and the internet is now ubiquitous; back then people were just about getting broadband but 56k was still the majority. XP is MS' best OS, I used it till Win 7 was released but that doesn't mean people who don't have to continue using it I.e. those who don't depend on Bespoke software.

I paid just 25 quid to upgrade to Win 8 on launch and again, there is no need to install any add ons to go back to the start menu. You will spend 99% of your time on the desktop mode so who gives a crap that you have to launch your applications differently? It takes just a few seconds to hit start and then type the first letter of what you want...

As I said, I gave Ubuntu and variants a good go but the huge driver support that Window makes it so much easier to use.
And I don't know what you're preaching but never for a second did I say someone on Win 7 should move to Win 8 but merely that all those who bash Win 8 have never truly used it but repeat the same pack of crap over and over.

 

[Jad Chaar]

This patch is urgent, but people may think of MS as hypocrites from now on.

 

[GhostRyder]

This patch is urgent, but people may think of MS as hypocrites from now on.

Its more of a D*mned if you, D*mned if you don't moment. I can guarantee you no matter what happened Microsoft would not have the battle.