Yesterday was Patch Tuesday, or as I like to call it (hopefully for the last time) “Patch Tavis Day”.
Amongst the other vulnerabilities that Microsoft published in its regular round-up of security patches was a fix for the zero day vulnerability found by Tavis Ormandy in Windows XP’s Help and Support Center.
In my opinion, Ormandy irresponsibly disclosed the vulnerability before Microsoft had a chance to fix the problem, making it easy for cybercriminals to exploit the flaw and infect innocent users.
The good news is that now Microsoft has now issued a fix for the problem. But I bet they (and countless other internet users and industry observers) wish that the first that they had heard of this problem was when the patch was rolled-out, rather than…
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.