Internet Explorer patch released for versions 6 – 11

Last week, news broke that Internet Explorer, versions 6-11, contained a major security flaw that would allow a hacker to take complete control of a user’s computer if the user navigated to a site that the hacker had specially crafted.

The threat was so severe that the US Department of Homeland Security even urged users to stop using Internet Explorer until a fix had been released for it.

Microsoft have now released an update for the browser that fixes this issue – anyone with automatic updates turned on will automatically receive it. If you don’t have automatic updates turned on, just go to “Windows Update” in the Control Panel.

Surprisingly, Microsoft have also released an update that fixes the issue for Windows XP users as well, despite officially ending support for the old operating system earlier in April. The alternative would have been to sit back and allow millions of XP users to go about at risk of cyber-attack. The backlash of this for Microsoft could have seen them lose trust in a marketplace where their dominance has already slipped.

Microsoft had this to say about the update, and the situation with XP, on their blog:

One of the things that drove much of this coverage was that it coincided with the end of support for Windows XP. Of course we’re proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade. This is why we’ve been encouraging Windows XP customers to upgrade to a modern, more secure operating system like Windows 7 or Windows 8.1.

Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.