After Google hack, Microsoft asks users to abandon IE6, XP
Microsoft is using a widely publicized flaw in Internet Explorer as a way to push users to upgrade both their browsers and operating systems.
On its Security Research & Defense blog, Microsoft explains that while IE7 and IE8 on Windows Vista and Windows 7 both include the flawed code that was exploited in the recent Chinese attacks on Google, the publicly published exploit code only works against IE6 on Windows 2000 and Windows XP. So the company is urging users to think about upgrading their version of IE, or even their OS (which also results in a newer version of IE).
“As you can see, the client configuration currently at risk is Windows XP running IE6,” the blog post reads. “We recommend users of IE6 on Windows XP upgrade to a new version of Internet Explorer and/or enable DEP. Users of other platforms are at reduced risk. We also recommend users of Windows XP upgrade to newer versions of Windows.”
Read more: arstechnica.com