Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Microsoft releases security patch for zero-day Internet Explorer vulnerability

Despite support having recently ended, the patch also covers computers running Windows XP, including embedded versions.

The recently discovered bug could have, in theory, allowed for malicious code to be remotely-executed. It was initially thought to have affected computers running IE9 through to IE11, but the bug exists as far back as Internet Explorer 6.

The term “zero-day” refers to the amount of time between when the exploit is first discovered, and the first attack, so these type of bugs are usually patched as quickly as humanly possible. In this case, Microsoft released its updates at 10am PST today.

This bug allows for a malicious third-party to corrupt data held in memory, and then could allow them to execute code on the compromised system. From there on, the world is their oyster, so to speak. In theory, at least, the exploit would allow the hacker access to the system at the same level as the logged in user, and as most people use Windows as administrators, that’s very bad.

Despite Microsoft having only just ended support for XP, the aging operating system will still get access to this patch through the Windows Update system. Microsoft says that people should still upgrade to a more modern operating system as soon as possible, but because of the proximity to the end of XP support, the firm is releasing this update. It does go on to say that reports of the possible damage are “overblown” and that there have been “very few” attacks using the vulnerability.

Perhaps most staggering of all is that XP still makes up 26 per cent of installed operating systems. Windows 8.1, in contrast, has just 5 per cent market share. That, is perhaps one of the other reasons that Microsoft has decided to patch the older operating system.

Read more: XP support ends today UK government pays for extension

Why trust our journalism?

Founded in 2003, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.