A flaw in Windows XP has spread to 25,000 computers, after being made public by a Google researcher.
Microsoft has now issued a patch for the vulnerability in XP’s Support Centre, which Google employee Tavis Ormandy made public only days after notifying the software giant, reigniting the debate about responsible disclosure.
Two weeks ago, the bug had lead to 10,000 compromised computers. This week, Microsoft confirmed it had hit 25,000 after a big jump last weekend.
“These attack attempts have continued to expand and some new attack patterns have come into play,” said Holly Stewart of the Microsoft Malware Protection Centre in a post on the Microsoft Security blog.
“Early on, we saw attackers incorporate code to single out Windows XP targets, but more recently the attackers have been less discriminant, attempting this attack on a variety of operating systems, about half of which were not susceptible because the exploit code could have only been successful on a vulnerable version of Windows XP.”
The UK is seeing slightly more attacks than than the global average, but Russia and Portugal have been the worst hit. Microsoft has seen attacks in 100 countries, Stewart said.
Given the scale of the problem, Microsoft advised users to install the patch released this week as soon as possible.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
