UPDATED - Microsoft released a security update for Internet Explorer earlier this week. The update will be downloaded and installed automatically for users with automatic updates enabled.
Windows XP is no longer supported by Microsoft, however they have decided to issue a security update for Windows XP customers. Microsoft encourages customers to upgrade to a modern operating system, as well as, enabling firewalls, applying all software updates and installing antivirus software.
A vulnerability in Microsoft’s popular Internet Explorer web browser can allow a “remote, unauthorized attack” on users’ computers, the company announced over the weekend via a Service Advisory. Although it is working to fix the problem, the company suggests “workarounds.”
Meanwhile, the U.S. Computer Emergency Readiness Team, a division of the Department of Homeland Security, is urging computer users to employ Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) if possible, or temporarily switch to a different browser until an official update is made available.
The “use-after-free” vulnerability can allow remote attackers to install code on a user’s computer without authorization. Versions 6 through 11 of Internet Explorer (IE) are vulnerable, and users who still have the Windows XP operating system are at greater risk because the company is no longer supporting the product.
Better Business Bureau is joining with security experts in recommending that IE users take the following steps:
Windows XP users should upgrade their operating system or disconnect the computer from the Internet, as the company no longer supports this version of Windows.