Microsoft fixes the Zero-Day exploit for IE 6 to 11, also on Windows XP

We wrote about the new Zero-day vulnerability in the Internet Explorer affects all IE Versions from 6 to 11 which is being exploited in limited and targeted attacks. This vulnerability, identified as CVE-2014-1776, could allow remote code execution even if the user doesn’t click on anything.

Microsoft kept their promise and fixed the problem in only 5 days after informing the public.

Most of the customers have automatic updates enabled and will not need to take any action, but if you want to manually trigger an update, just visit Windows Update.


What comes as a surprise is that Microsoft issued the update also for the already beyond End Of Life, Windows XP. Microsoft writes in a blog post:

“We have made the decision to issue a security update for Windows XP users. Windows XP is no longer supported by Microsoft, and we continue to encourage customers to migrate to a modern operating system, such as Windows 7 or 8.1. Additionally, customers are encouraged to upgrade to the latest version of Internet Explorer, IE 11.”

If you want to get the latest version of Internet Explorer, visit the dedicated page here.


Note that for Windows XP you can only install IE up to version 8. IE 9-11 are not running on Windows XP anymore.


Sorin Mustaca

IT Security Expert