Additionally, even though Microsoft had recently pulled the plug on online support for its much-loved XP operating system, XP users will also be able to receive an update to close the hole that the company said was responsible for “limited, targeted attacks.”
Windows users with automatic updates will receive the patch without having to do anything further. Those without auto-update turned on will have to click the “Check for Updates” button on the Windows Update portion of their Control Panel to receive it.
“Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded),” writes a company exec in today’s announcement. “We made this exception based on the proximity to the end of support for Windows XP.”
The company has once again tried to downplay the seriousness of the gap, writing that, “The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown.”
That might also have to do with the fact that most people don’t use Internet Explorer anymore so hackers probably didn’t think to exploit the browser.
Microsoft is urging users to turn auto-updates on to ensure that they receive all future security patches as soon as they are released.