The company found a flaw when Windows XP was still getting updates, but hasn't fixed it

Jun 6, 2014 08:58 GMT

Microsoft today announced that this month's Patch Tuesday cycle will bring a total of seven security updates, one of which is also expected to address a critical flaw in Internet Explorer 8 that was revealed and acknowledged by the company itself in May.

Since Windows XP reached end of support on April 8 this year, computers still running this OS version won't be getting any security patches, so if they're still running Internet Explorer 8 or an older version of the browser, they could easily be hacked.

But there's one thing that our readers noticed soon after Microsoft publicly acknowledged the vulnerability.

HP's Zero Day Initiative (ZDI), the group that discovered the flaw, said in the advisory it rolled out last month that Microsoft has known about this vulnerability since October 2013, which means that it first found out about it more than seven months ago.

For some reason, the company decided to keep it secret, so it delayed a fix which could have also been delivered to Windows XP computers.

Just as expected, some of our readers, and inevitably a lot of Windows XP users, raised a question that could make many people wonder whether there's some truth behind it: what if Microsoft made Windows XP PCs vulnerable on purpose, trying to make sure that users still running it seriously consider a switch to a newer Windows version such as 8.1?

Microsoft released security warnings for Windows XP users every few months, emphasizing that they could become vulnerable to attacks once a flaw was found in the operating system.

A company spokesperson, however, states that in some cases it takes a while to develop a patch, mostly because the company needs more time to test it against a wide array of apps. But seven months undoubtedly sounds like a lot of time.

“Some fixes are more complex than others, and we must test every one against a huge number of programs, applications and different configurations. We continue to encourage customers to upgrade to a modern operating system, such as Windows 7 or 8.1, and run the latest version of Internet Explorer which include further protections,” the spokesperson said.

In the end, one thing is for sure. Windows XP computers are no longer getting patches and security fixes, so if you're still on this platform, you have basically no other option than to upgrade. Otherwise, there's no doubt that more flaws will be found very soon and XP machines will become more and more vulnerable to attacks.