Microsoft zero day browser alert also touches WinXP: Experts

With Microsoft no longer issuing security patches for Windows XP, what do zero-day security advisories from the company look like now?

Like the one issued over the weekend that doesn’t mention the venerable OS at all, although security experts are certain it’s affected.

Officially, the zero-day exploit hits Internet Explorer version 6 to 11. But knowledgeable people say that’s not all. “People should assume that Windows XP is affected as new vulnerabilities are discovered unless the description specifies a single version of Windows being affected,” writes Lucas Zaichowsky, enterprise defense architect at AccessData, which makes digital forensics products.

According to the Micrsosoft alert, “the vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.”

Yes, viewing the Web site alone will get a user infected.

The vulnerability is so serious that the Unites States Computer Emergency Readiness Team (US-CERT) said that those who can’t follow Microsoft’s mitigation recommendations — including Windows XP users — should consider using another browser.

Meanwhile two new Adobe Flash vulnerabilities have been discovered, according to Kaspersky labs. In a blog the company said each exploit comes as an unpacked flash video file and the source appears to be from a Syrian government Web site. That, and analysis of the code, led it to conclude the exploit is targeted against Syrian dissidents who wanted to use the site to register complaints about government activity.

While one exploit can infect almost any unprotected computer, the other only works properly on computers where Adobe Flash Player 10 ActiveX and Cisco MeetingPlace Express Add-In are installed, Kaspersky says. 

Adobe has issued updates to Flash Player to protect against the exploits.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web