Skip to main content

Microsoft Offers Workaround For XP Vulnerability

Microsoft has released a workaround for Windows XP users affected by a critical vulnerability that has already been exploited by hackers in the wild.

The vulnerability relates to a bug in the Windows Help and Support Centre, and was first reported by Google engineer Tavis Ormandy.

Ormandy was later criticised by the security community for publicly releasing the exploit code before Microsoft could develop a patch.

In an official advisory released by the company, Microsoft has asked Windows XP users to run the Microsoft Fix it tool to disable the Help centre, until Microsoft can release a patch.

Microsoft said: "We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers. Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs."

The company has also reported that hackers had managed to exploit the bug on 10,000 PCs worldwide with attacks concentrated on Russia and Portugal. The United States, Germany and Brazil were also hit.