Microsoft released an out-of-band security update to address the security vulnerability in Internet Explorer described in Microsoft Security Advisory 2963983.
Of important note: Although Windows XP is no longer supported by Microsoft, the decision was made to issue a security update for Windows XP users.
Critical:
- MS14-021 -- Security Update for Internet Explorer (2965111)
This security update resolves a publicly disclosed vulnerability in Internet Explorer. The vulnerability could allow remote code execution if a user views a specially crafted webpage using an affected version of Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
References
- MSRC: Out-of-Band Release to Address Microsoft Security Advisory 2963983
- MSRC: Security Update Released to Address Recent Internet Explorer Vulnerability
- TechNet: Microsoft Security Bulletin
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Woody Leonhard (my "go to" reference for these types of things) recommends to WAIT, perhaps until sometime next week, before patching!
ReplyDeleteHe hasn't steered me wrong yet.
I keep track of what to do at AskWoody.com.