Printed from http://www.electronista.com

Windows XP patched to fix zero-day Flash and Internet Explorer exploit

updated 01:49 pm EDT, Thu May 1, 2014

Microsoft reverses course on earlier statement promising no software fix

Despite the update deadline having passed on Windows XP, Microsoft has issued an emergency patch to fix a major problem affecting users of the elderly operating system using Internet Explorer and Flash. The fix is currently available to Windows XP Service Pack 3 owners through the briefly resurrected Windows Update tool.

The exploit uses Adobe Flash to access memory and bypass Windows' ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) protection systems. Using the attack vector, an attacker able to redirect a victim to visit a specially created site with a prepared Flash file could potentially execute code on the target computer, installing malware and gaining control of the PC.

"We decided to fix it, fix it fast, and fix it for all our customers," spokeswoman Adrienne Hall said in a statement about the unexpected action by Microsoft. The exploit targets Internet Explorer 9 through 11, but the flaw itself exists all the way back to Internet Explorer 6.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Tablo DVR

With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Sponsor

toggle

Most Commented

 
toggle

Popular News