XP included in IE security update

Microsoft has included Windows XP in a security update issued to fix a flaw in its Internet Explorer programme that left users vulnerable to attack.

The 12-year-old software was discontinued from Microsoft's automatic updates earlier this month, as the technology giant attempted to encourage users to upgrade to newer versions of its operating system.

But with so many individual and business users still running XP - including the UK Government - Microsoft has included it in this update.

Microsoft group manager of response communications Dustin Childs said: "We have made the decision to issue a security update for Windows XP users.

"Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11."

The security issue was discovered earlier this week, with the Windows software developer issuing a statement via their website explaining how hackers could gain access to a user's computer and all its settings by drawing them to malicious websites via links sent in emails or other messages.

According to Microsoft, any successful hacker could have gained full access to the victim's user account should a malicious link be followed, meaning the hacker would be able to change passwords and access any data linked to that account, including email and other personal data.

In a blog post on the company website, general manager of trustworthy computing at Microsoft Adrienne Hall said: "The security of our products is something we take incredibly seriously, so the news coverage of the last few days about a vulnerability in Internet Explorer has been tough for our customers and for us.

"We believe, and take a huge amount of pride that, among widely used browsers, IE is the safest in the world due to its secure development and ability to protect customers, even in the face of cybercriminals who want to break it.

"Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we've decided to provide an update for all versions of Windows XP, today. We made this exception based on the proximity to the end of support for Windows XP."

The flaw comes just weeks after the discovery of the Heartbleed bug - a two-year-old weakness in the encryption used to protect sensitive data such as passwords when they are sent between computers and servers, which is still being tackled with patches to fix affected websites.

Source : Yahoo