Microsoft have issued a patch to fix the vulnerability in all versions of its Internet Explorer web browser that had been serious enough for US Homeland Security to warn against using the software.
The recently zero-day bug could in theory have let an attacker remotely execute malicious code, and all versions of the browser from the current IE11 all the way back to IE6. Once the attacker has run some malicious code, then they could take control of the entire PC, making the threat extremely severe.
Microsoft’s next “Patch Tuesday” was not until 13 May, but the Redmond-based software giant has put all hands on deck to get the fix out as quickly as humanly possible, and released the patch at 19:00 BST today.
Moreover, despite Microsoft having only just ended support for the 12-year-old Windows XP last month, the company has stepped up and also released a patch for XP users, which still account for about 25% of the Windows userbase.