AAPL Stock: 117.81 ( -0.22 )

Printed from

Windows XP patched to fix zero-day Flash and Internet Explorer exploit

updated 01:49 pm EDT, Thu May 1, 2014

Microsoft reverses course on earlier statement promising no software fix

Despite the update deadline having passed on Windows XP, Microsoft has issued an emergency patch to fix a major problem affecting users of the elderly operating system using Internet Explorer and Flash. The fix is currently available to Windows XP Service Pack 3 owners through the briefly resurrected Windows Update tool.

The exploit uses Adobe Flash to access memory and bypass Windows' ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) protection systems. Using the attack vector, an attacker able to redirect a victim to visit a specially created site with a prepared Flash file could potentially execute code on the target computer, installing malware and gaining control of the PC.

"We decided to fix it, fix it fast, and fix it for all our customers," spokeswoman Adrienne Hall said in a statement about the unexpected action by Microsoft. The exploit targets Internet Explorer 9 through 11, but the flaw itself exists all the way back to Internet Explorer 6.

by MacNN Staff



Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines

Follow us on Facebook


Most Popular


Recent Reviews

Ultimate Ears Megaboom Bluetooth Speaker

Ultimate Ears (now owned by Logitech) has found great success in the marketplace with its "Boom" series of Bluetooth speakers, a mod ...

Kinivo URBN Premium Bluetooth Headphones

We love music, and we're willing to bet that you do, too. If you're like us, you probably spend a good portion of your time wearing ...

Jamstik+ MIDI Controller

For a long time the MIDI world has been dominated by keyboard-inspired controllers. Times are changing however, and we are slowly star ...


Most Commented