Microsoft makes one-time exception, patches IE on Windows XP
Calls news coverage of IE vulnerability ‘overblown,’ but patches IE6, IE7 and IE8 on XP anyway
May 1, 2014
(Computerworld)
Microsoft today shipped an emergency update for Internet Explorer to close a hole that hackers had already been exploiting.
But in an unexpected move, Microsoft allowed Windows XP machines to receive the update, even though it had long held that the 13-year-old operating system had absolutely, positively retired on April 8.
“I’m surprised they went out-of-band at all,” said Andrew Storms, director of DevOps at security company CloudPassage, using the term for an emergency update outside the normal monthly patch cycle Microsoft maintains. “While there was a lot of talk about this zero-day, it was mainly focused on the XP angle.”
In fact, today’s turnabout was bigger news than the security update itself, something Microsoft tacitly acknowledged by posting a long […]