A new security headache for the estimated 56% of Web users who use Internet Explorer: A major security flaw has surfaced in some versions of the browser, leaving users open to a "remote code execution vulnerability," which "means a bad guy can make a target computer run software after a successful attack," Recode explains. Microsoft says most attacks occur when a user clicks on a link that leads to a malicious website and the bug affects every Explorer version from 6 to 11.
Microsoft plans to roll out a security update for current versions of Windows, but it looks like Windows XP users are on their own, the Wall Street Journal reports. Microsoft ended support for the outdated operating system earlier this month, and although it still runs on around 300 million machines, it's not clear whether Microsoft will make an exception and issue a security patch for the latest flaw. "XP users are not safe anymore and this is the first vulnerability that will be not patched for their system," a Symantec researcher warns. (More Internet Explorer stories.)