Microsoft is announcing that it will be rolling out an out-of-band patch today for all versions of Internet Explorer affected by the recently reported zero-day flaw.
In a blog post, Dustin Childs, Group Manager for Response Communications of Microsoft Trustworthy Computing, has not only announced the fix, but also announced that the fix will be available even for Windows XP.
This is a 180 degree turnaround from what the company stated just days ago. Windows XP support ended on April 8, 2014 and the intent was to stop supporting the aging OS completely. However, the announcement today that a patch will become available for the 13 year old OS, sets a dangerous precedent. It's great that Microsoft is helping to bolster security for the dead operating system, but should another major flaw be discovered, you can bet that Windows XP users will be demanding the same treatment.
Not surprisingly, Windows XP share fell over the past week as users and IT Pros hustled to accelerate migrations to newer Windows versions in lieu of the open hole.
The advance notification security bulletin has now also been posted here: Microsoft Security Bulletin Advance Notification for May 1, 2014