Microsoft: Windows XP Update An 'Exception' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
News
5/1/2014
04:53 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Microsoft: Windows XP Update An 'Exception'

XP users shouldn't expect additional support from Microsoft, despite its heroic last-minute security update for Internet Explorer.

Microsoft Office For iPad: 7 Questions Answered
Microsoft Office For iPad: 7 Questions Answered
(Click image for larger view and slideshow.)

Many Windows XP users are no doubt relieved that Microsoft decided to include Windows XP in a security update for a recently-disclosed bug -- but they shouldn't assume support will continue. Microsoft said XP remains an unsupported product, and that it made an exception to include it in this update only because the issue arose so near the operating system's end-of-life deadline.

Microsoft began deploying the update around 1 p.m. EST on Thursday. Users who have enabled automatic updates shouldn't need to take any action. Otherwise, users can access the update via the Control Panel's Windows Update section. Microsoft rarely releases out-of-cycle updates like this one. Most arrive during the company's monthly Patch Tuesday releases.

[Is XP really at risk? Read Windows XP Security Issues: Fact vs. Fiction.]

After disclosing the bug last weekend, Microsoft suggested a number of workarounds, many of which were inapplicable to XP machines. In a blog post, Microsoft Trustworthy Computing GM Adrienne Hall encouraged XP users to upgrade.

Image: Nick Perla (Flickr)
Image: Nick Perla (Flickr)

She wrote that today's cyberthreats are too sophisticated for an operating system first released over a decade ago. Microsoft officials have repeated this message countless times in recent months, but many users remain unpersuaded; over a quarter of PC users still relied on XP in April, according to web-tracking firm Net Applications.

Attacks against XP are already ongoing, according to FireEye, the security firm that took credit for discovering the vulnerability and gave it its nickname, "Operation Clandestine Fox."

In a Thursday blog post, the firm said it has detected a "version of the attack that specifically targets out-of-life Windows XP machines running IE 8." FireEye said earlier attacks involved only IE 9, 10, and 11 on Windows 7 and 8. The bug affects all versions of IE from 6 to 11. The firm warned that the new method that involves XP "means the risk factors of this vulnerability are now even higher."

FireEye said it initially observed attacks against the defense and financial sectors but has since detected campaigns against government and energy institutions as well.

Microsoft will host a webcast Friday at 2:00 p.m. EST to discuss the security update in greater detail.

Could the growing movement toward open-source hardware rewrite the rules for computer and networking hardware the way Linux, Apache, and Android have for software? Also in the Open Source Hardware issue of InformationWeek: Mark Hurd explains his "once-in-a-career opportunity" at Oracle.

Michael Endler joined InformationWeek as an associate editor in 2012. He previously worked in talent representation in the entertainment industry, as a freelance copywriter and photojournalist, and as a teacher. Michael earned a BA in English from Stanford University in 2005 ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Charlie Babcock
100%
0%
Charlie Babcock,
User Rank: Author
5/1/2014 | 7:05:30 PM
A good reason to fix this bug...
The statement that this XP bug was fixed isn't really logical. It says the fix was authorized because the bug occurred so near the end of XP's life. Well, an end of life deadline is just that, unless there's a good reason not to follow through. In this case, as in the next one, the reason to fix a bug is because so many people are still using the operating system. 
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
News
Tech Spending Climbs as Digital Business Initiatives Grow
Jessica Davis, Senior Editor, Enterprise Apps,  4/22/2021
Commentary
Optimizing the CIO and CFO Relationship
Mary E. Shacklett, Technology commentator and President of Transworld Data,  4/13/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll