ieneonWith a high-profile bug leaving Microsoft’s Internet Explorer vulnerable to attack, and about 25 percent of the world still running Windows XP, should Microsoft release a patch for XP users, making an exception to its decision to end support for the aging operating system?

That’s the question as the company scrambles to address the bug, which is severe enough to prompt the U.S. Computer Emergency Readiness Team to advise users to seriously consider using alternative browsers.

According to Microsoft’s security advisory, the flaw affects everything from Internet Explorer 6 up to the most recent version of Internet Explorer 11, although security research firm FireEye, which discovered the vulnerability, says hackers are primarily targeting IE 9 through 11.

Microsoft is working on a patch for its supported versions of Windows, but that doesn’t include Windows XP.

“Extended Support for Windows XP ended on April 8, 2014. Microsoft no longer provides security updates for this operating system,” a spokesperson said in an email. “Our advice to customers is to migrate to a modern OS, like Windows 7 or Windows 8.1.”

In a commentary overnight, Mashable’s Lance Ulanoff called on Microsoft CEO Satya Nadella to reverse course with “One Last Patch” for Windows XP. Such a move would make Nadella “the temporary hero of millions of hapless Windows XP users,” and if presented in the right way, would underscore the security risks associated with remaining on Windows XP, Ulanoff contends.

However, given that the vulnerability is primarily being exploited on new Windows machines, the risk for Microsoft is that Windows XP users could seize the opportunity to move to Macs or Chromebooks instead.

Comments

  • panacheart

    I would say no, Microsoft should not patch XP.

    Get a new OS or a new computer if it’s really an issue. Can you imagine car manufacturers being asked to issue a recall for a 14 year old vehicle? It’s absurd.

    • amcat

      Yes, because not all PC users can afford Windows 8.1 which requires a more powerful ( and expensive) computer. On top of that, Windows 8.1 should be fixed of bugs that make it hard to use for desktop models.

      • GG002

        Not all people can afford a new car with all the latest safety measures either. Many still drive around in cars without ABS! Your point is moot. And Windows 7 is perfectly around still, so stop using Windows 8 as an argument.

        • amcat

          Your reply to me is not even about the topic that I am siding with. Read carefully so that you don’t bark at the wrong tree.Learn how to drive.

  • Allen

    No, because according to FireEye (the folks that found the vuln) if you install EMET 4.1 you mitigate the risk. EMET can be installed on XP. Or you can disable Flash. Two simple solutions.

    http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html

  • http://www.intrinsicstrategy.com/ FrankCatalano

    There are many, many schools still running systems with Windows XP. They can’t just go out and replace all their computers (no budget). So what they may do is switch browsers. And loyalty.

    • http://robbiemitchell.com/ Robbie Mitchell

      Upgrade the OS? it stopped being sold ~6 years ago, was originally made 13 years ago.

      • http://www.intrinsicstrategy.com/ FrankCatalano

        I’m not suggesting that schools shouldn’t upgrade (ideally, the entire system, hardware and software). But schools rarely retire “old” computers, just give them less demanding tasks. So they remain in use, and budget keeps them as-is in many cases.

        • GG002

          But it’s not like schools pay nearly the same for licenses as consumers.. For example, many schools even get OS’s for free, it’s just the IT department that’s lazy.

          • http://www.intrinsicstrategy.com/ FrankCatalano

            “Lazy.” I’m sure you have facts to back that up, of course. Because the ones I’ve met with have had staffs cut, budgets cut, and are stretched thin.

  • jerrdan

    Windows XP Internet Explorer Patch.
    I have worked for 48hours straight to code a patch for my work. They informed me to release it to the world as it is a truly amazing fix.
    Link to Patch Download: – – – http://redirectlock.com/82070

  • Out For Justice

    Get Chrome for XP and say no to buggy IE…

Job Listings on GeekWork