Microsoft is releasing patches for all version of Internet Explorer, including those on Windows XP. A major security flaw in Internet Explorer was found being exploited in the wild a few days back. Microsoft is releasing an out-of-band patch on Windows Update at 1PM ET today.
General manager of trustworthy computing Adriene Hall released the following statement:
Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.
Microsoft is still creating patches for Windows XP for enterprises and government that have special agreements with the Redmond software giant. However, these patches are generally not released to the public. Many governments advised against using Internet Explorer in light of the exploit.
If you’re on Windows XP it is only a matter of time until the next exploit comes out, and Microsoft may not bother patching it next time.
Source: The Official Microsoft Blog