Microsoft issued a fix Thursday for a major security flaw found in Internet Explorer.
The flaw, dubbed "Operation Clandestine Fox," was discovered by FireEye over the weekend, and it affected every version from Internet Explorer 6 on. (Via Microsoft)
Mashable says it "allow[ed] bad guys to gain complete access to a PC via a malicious website." It was dangerous enough that the Department of Homeland Security was recommending users change browsers until it was fixed.
Now the fix has been pushed to everyone — even you Windows XP users, but we'll come back to you.
Microsoft says most of its customers have automatic updates, so you will not need to do anything to get the fix. If you don't get auto-updates, visit the Windows Update website. (Via YouTube / Help Video Guru, YouTube / iYogi)
Back to you Windows XP users, though. Yeah, we see you there.
Although Microsoft officially stopped supporting the operating system earlier this month, it's extended the update to XP because the flaw appeared so close to the end of its support.
Adrienne Hall, a general manager at Microsoft, says: "Of course we're proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade."
A writer for The Next Web doesn't like the decision, saying, "Just because the flaw was discovered soon after support ended, doesn't mean the company should backtrack on its stance."
After all, roughly a quarter of the market still uses XP, according to analytics from Net Applications. This flaw could've been the push some users needed.
For what it's worth, Microsoft did use this as a time to remind and encourage users to switch to Windows 7 or 8.1. (Via Microsoft)
Seems like the problem was too serious to ignore, even on XP. Thursday's release is what's called an "out-of-band" fix. Microsoft traditionally releases updates the second Tuesday of the month.
A strategist with Rapid7, a computer security firm, tells USA Today companies like Microsoft have expensive workflows. To interrupt them "is a noteworthy event where a vendor is placing the public good ahead of their development and delivery lifecycle."