Another casualty of the cybersecurity wars — good-old Microsoft XP. Many users loved XP and groaned when Microsoft announced it would no longer support the program. But worse yet, hackers are exploiting an Internet Explorer (IE) vulnerability that was recently left unpatched in Windows XP. Microsoft knew about the problem but doesn't plan on doing anything about it.
Microsoft squashed the bug, CVE-2014-1815, with a recent critical update for IE6, IE7, IE8, IE9, IE10 and IE11. But because the company is no longer supporting Windows XP, users of the operating system did not receive the update, while owners of Windows Vista, Windows 7 and Windows 8 are now safe from this attack.
CVE-2014-1815 can be triggered when IE users unknowingly visit a malicious website. As soon as an unpatched Internet Explorer reaches the site, the bug hijacks the PC and sticks malware on the hard drive.