final Windows XP security updates
Microsoft today said it will ship four security updates to customers next week that will include the final public fixes for flaws in Windows XP and Office 2003, both slated for retirement from security support on Tuesday.
Of the four updates, two were tagged "critical," Microsoft's most serious threat rating, and the other pair was marked "important," the next step down in the firm's four-part scoring system.
All four, however, were labeled in today's advance notification with the phrase "remote code execution," meaning that attackers could hijack an unpatched PC if they managed to exploit the vulnerabilities. Microsoft often downgrades remote code flaws to the important category when there are mitigating factors -- say, a requirement that users click through multiple warnings or deviate from a standard configuration -- that prevent easy exploitation.
One of the quartet will directly affect Windows XP -- all versions of Windows, actually, including the newest, Windows 8.1 -- while another will also impact the 13-year-old OS because it will patch all editions of Internet Explorer, including IE6, which faces retirement, too, and IE8, the most popular Microsoft browser for XP.