New zero-day puts Windows XP users at risk

Microsoft on Sunday confirmed it’s investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE).

The flaw could be used by attackers to inject malicious code onto victims’ PCs, said Maurycy Prodeus, the Polish security analyst with iSEC Security Research who revealed the vulnerability and posted attack code on Friday.

More by Author

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Must Read