Previous round, that is, on Tuesday 8 September, it was patched multiple vulnerabilities in Windows, including a serious security hole in the TCP / IP implementation, which allows for remote execution of arbitrary code.
Windows XP, Vista, Windows 2000, 2003 and 2008 Server all affected by this vulnerability, which according to Microsoft, a critical severity.
Windows XP is not among the operating systems that have the security hole removed.
Software giant says that they will correct this error in Windows XP, although Microsoft has committed to support XP until April 2014. The eight-year-old OS-a is also still the world's most widely used.
The explanation the company gives are out of a Q & A session, where Microsoft will be asked to explain why XP in this case are not overlapped.
- We are talking about code that is between 12 and 15 years old. It is simply not appropriate to fix the old code, "said Adrian Stone, who is senior program manager for security at Microsoft.
The same mistake is not corrected for the Windows 2000 Server with Service Pack 4 (SP4), although this operating system will benefit from official support for software updates until July 2010.
It is very unusual that Microsoft is not giving out the patches for all affected products, as long as they still are supporting the operating system.
Despite the aforementioned severity, Microsoft argues that the risk to be affected by attempts to exploit the error is small.
A number of Windows users asked Stone questions about why the company would not come with a bug fix for XP, and if their machines in different configurations, runs a risk as a result.
- Servers are the most likely target for attacks that exploit this vulnerability. Your firewall should provide further protection, said Microsoft's Adrian Stone.
