Attackers are actively exploiting a previously unknown vulnerability in all supported versions of Internet Explorer that allows them to surreptitiously hijack vulnerable computers, Microsoft warned Sunday.
There are three months to go for Windows XP. The ancient operating system is leaving extended support on April 8, at which point Microsoft will no longer ship free security fixes. XP itself isn't the only thing that's losing support on that date. The Windows XP version of Microsoft Security Essentials, the company's anti-malware app, will stop receiving signature updates on that date and will also be removed for download.
Microsoft today used the hoary practice of predicting next year to drive another nail into Windows XP's coffin.
In an eight-item prognostication from several security professionals on its anti-malware and Trustworthy Computing teams, Microsoft forecast an increase in cybercrime that exploits unsupported software.
Over a month ago, we reported that many users defiant or unable to upgrade from Windows XP were experiencing a bug in SVCHOST that causes the CPU of a PC to go up to 100 percent usage. We contacted Microsoft for comment but they did not send back a response.
Cyber criminals will bank their Windows XP zero-day vulnerabilities until after Microsoft stops patching the aged operating system next April, a security expert argued today.
Jason Fossen, a trainer for SANS since 1998 and an expert on Microsoft security, said it's simply economics at work.
