Microsoft has today announced that the reported Internet explorer vulnerability, which was revealed by Microsoft in a security advisory last week, will be fixed with an update going live today. This “remote code execution vulnerability” affected Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.
The security of our products is something we take incredibly seriously, so the news coverage of the last few days about a vulnerability in Internet Explorer (IE) has been tough for our customers and for us. We take a huge amount of pride that, among widely used browsers, IE is the safest in the world due to its secure development and ability to protect customers, even in the face of cybercriminals who want to break it.
This means that when we saw the first reports about this vulnerability we said fix it, fix it fast, and fix it for all our customers. So we did. The update that does this goes live today at 10 a.m. PDT.
Great news is that, the fix will be released for users on dated Windows XP operating systems as well.
Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.