Just as promised, Microsoft made absolutely no exception this time and decided to leave Windows XP out of the Patch Tuesday cycle, which means that those running this OS version could become vulnerable to attacks overnight once cybercriminals find an unpatched bug.
Microsoft obviously reminded users that Windows XP is no longer included in Patch Tuesday rollouts, recommending everyone running it to at least consider their upgrade options to Windows 7 or Windows 8.1.
According to third-party statistics, Windows XP is currently installed on 26 percent of computers worldwide, despite the end of support deadline reached on April 8.
The problem is that only a few users are actually planning to upgrade to a different OS version that still receives updates, which makes many wonder what could happen when someone finds a flaw in Windows XP.
Microsoft today said that one of the issues it found in the operating system affects “all Windows versions,” which means that Windows XP is very likely to have this bug as well. Patched by bulletin MS14-027, this flaw comes down to an “elevation of privilege vulnerability when the Windows Shell improperly handles file associations. A successful attacker could run code in the LocalSystem context,” according to Redmond itself.
The worst is that Microsoft has already confirmed that it’s aware of attacks aimed at this flaw, while a Secunia expert recently warned that in case a vulnerability affecting all Windows versions is found, hackers could try to reverse the released patches in order to find a way to break into Windows XP computers.
The only way to remain secure at this point, especially when talking about a vulnerability that affects Windows XP as a whole, is to upgrade to a different operating system. Microsoft’s operating system of choice is Windows 8.1, but many have already decided to go for Windows 7 because it sports a more familiar interface and is a little bit more friendly with low-spec computers.