Printed from http://www.electronista.com

Windows XP patched to fix zero-day Flash and Internet Explorer exploit

updated 01:49 pm EDT, Thu May 1, 2014

Microsoft reverses course on earlier statement promising no software fix

Despite the update deadline having passed on Windows XP, Microsoft has issued an emergency patch to fix a major problem affecting users of the elderly operating system using Internet Explorer and Flash. The fix is currently available to Windows XP Service Pack 3 owners through the briefly resurrected Windows Update tool.

The exploit uses Adobe Flash to access memory and bypass Windows' ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) protection systems. Using the attack vector, an attacker able to redirect a victim to visit a specially created site with a prepared Flash file could potentially execute code on the target computer, installing malware and gaining control of the PC.

"We decided to fix it, fix it fast, and fix it for all our customers," spokeswoman Adrienne Hall said in a statement about the unexpected action by Microsoft. The exploit targets Internet Explorer 9 through 11, but the flaw itself exists all the way back to Internet Explorer 6.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News