This past Sunday, less than a month after the ‘End of XP’ was set in stone, Microsoft issued a warning about a zero-day exploit of a security vulnerability affecting all versions of Internet Explorer released in the last decade. This exploit most likely represents the first major security issue that will almost certainly not be fixed for Windows XP. And so it begins…all the more reason to upgrade immediately! Many believe this is just the beginning and truth be told, the longer you wait, the more risk you run in exposing personal and business related data.
Direct from Microsoft: “The vulnerability is a remote code execution vulnerability… An attacker could host a specially crafted web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the web site.”
There is some good news though. If your business depends on Microsoft’s Server versions 2003, 2003 R2, 2008, 2008 R2, 2012, or 2012 R2, then you should be OK, as those systems run IE in a special mode called Enhanced Security Configuration. However, for the systems running any version of Windows from XP, Vista, 7 or 8, the situation is more serious. The notice does mention support for IE 6 on Windows Server 2003 with Service Pack 2, which could mean that the fix could somehow be applied to certain XP machines, but since there is no mention of XP, do not hold your breath.
It is unclear whether or not Microsoft will be rolling out an update outside their normal cycle. They generally release all Windows updates on the first Tuesday (Patch Tuesday) of every month. But, this seems to be serious enough that they’re certainly considering the possibility of doing so. For any of our clients on Managed Services, these updates will be applied automatically and we will send out further notifications to everyone else as more information is released.
For more information, workarounds, or if you have any other questions or concerns, contact us immediately at 908-240-4616. For end-users still using XP, please contact our Sales department for advice on the best upgrade path for you and your business.
– – – – – – – – – – – – – – – – – – – – – – – – – – –
Thanks to Danny Soares, Business Development & Technology Advisor at Technical Adventures, for putting this information together.