Unpatched bug in IE leaves XP users vulnerable

Microsoft warns that exploited bug in IE has been patched for Windows Vista and later but won't be patched for XP

Tags: Microsoft CorporationWindows XP
  • E-Mail
Unpatched bug in IE leaves XP users vulnerable Microsoft appears to be sticking to the decision to withdraw XP support by leaving the IE vulnerability unpatched in the out-of-support operating system.
By  Mark Sutton Published  May 15, 2014

Hackers are already exploiting a vulnerability in Internet Explorer which has not been patched in Windows XP, Microsoft has reported.

The bug was patched by an update from Microsoft on Tuesday, but only for IE users with later versions of Windows than XP. Because Windows XP is out of support, users of IE6, 7 and 8 who are running XP did not receive any patch, and will be vulnerable to exploits of the bug.

The vulnerability, listed as CVE-2014-1815, has been exploited in the past by hackers, Microsoft warned, in ‘drive by' attacks that trigger when an IE user visits a website that carries exploit code.

"Microsoft is aware of limited attacks that attempt to exploit this vulnerability in Internet Explorer," the bulletin stated.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code