Microsoft Issues Temporary Workaround for Windows XP Zero-Day Flaw

The company is still investigating reports to determine whether a patch is needed

  A full-time patch could be released on the next Patch Tuesday
Windows XP is affected by a new vulnerability that would allow remote code execution and Microsoft confirmed that it’s indeed aware of some limited attacks aimed at this particular OS version.

Windows XP is affected by a new vulnerability that would allow remote code execution and Microsoft confirmed that it’s indeed aware of some limited attacks aimed at this particular OS version.

The Redmond-based giant has now issued a temporary workaround for users who want to stay on the safe side until more information is available on this zero-day vulnerability.

“Delete NDProxy.sys and reroute to Null.sys. For environments with non-default, limited user privileges, Microsoft has verified that the following workaround effectively blocks the attacks that have been observed in the wild,” Dustin Childs, Group Manager, Response Communications, Trustworthy Computing, said in a statement.

A successful exploit of the vulnerability requires the user to open a malicious PDF file, so everyone is also recommended to download and install the latest version of Adobe Reader.

Enabling a firewall, applying all software updates and installing anti-virus and anti-spyware software would also help, Microsoft said.

Comments