Warning issued over Windows XP bug

Windows XP Windows XP was released in 2001 but is still widely used

Related Stories

Microsoft has issued a warning about a bug in older version of Windows that could let attackers take over a computer.

The vulnerability in Windows XP and Server 2003 is being actively exploited by cyber-thieves, it said.

It has taken the unusual step of issuing a temporary workaround that closes the loophole.

However, it acknowledged that applying this fix could break some Windows functions that people regularly use.

Security firm FireEye has been credited with finding the bug that lets an attacker piggyback on a known flaw in some older versions of Adobe Reader. Via the Adobe bug, the FireEye researchers found evidence that attackers were able to "escalate" the access they were granted to the system to eventually allow them to install their own code.

Microsoft said it was aware of "limited, targeted" attacks using the combined bug to attack PCs.

It issued advice to customers saying they should turn off some services to stop the attack working. It warned that turning off the vulnerable service could shut down some widely used networking functions including the ability to access a machine over the net or use a PC to work remotely over a virtual private network (VPN).

A comprehensive fix for the loophole is now being worked on by Microsoft and it said it hoped to include this in a future security update.

Although Windows XP has been superseded by versions 7 and 8 of Microsoft's flagship operating system, the older software is still widely used. Market research figures suggests about one-third of PCs still run XP.

People who have upgraded to the latest version of Adobe Reader will not be vulnerable to the combined attack, said FireEye.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories


Features & Analysis

  • Abdi Nor IftinGolden ticket

    How a refugee entered a lottery and won a new life in the US

  • Herring in a fur coatMerry herring

    How fish 'in a fur coat' is enough to make Russia's New Year happy

  • Curiosity Self Portrait at Windjana Drilling SiteIn pictures

    The most stunning space photos of the year

  • Amy Adams, Cate Blanchett, Sandra Bullock and Dame Judi DenchFilm quiz of 2014

    How much do you remember about the past 12 months?

BBC Future

Fiery moment

2014: An amazing year in aviation

Highs and lows in air tech


  • Click presenter Spencer Kelly flies a droneClick Watch

    From wearable technology to drones and robots - highlights from 2014

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.