Microsoft reported an alarming security flaw exposed by security farm FireEye, Inc. that affects all versions of Internet Explorer from 6 to 11. Though the newer versions of Windows operating systems will be patched in a couple of weeks, Windows XP users should be worried. Windows XP support was discontinued by Microsoft from April 8, 2014 and it is not going to get any more security patches.
The vulnerability is a remote code execution vulnerability. In effect, an attacker who successfully exploited this vulnerability could gain the same user rights as the current user. User accounts with administrative rights are at higher risk. An attacker could also host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. If the user visits such a website, his system may be compromised.
The current vulnerability is the first report on security issues since Windows XP support was discontinued. And it is quite obvious that Windows XP is not safe anymore from newer security issues.
In this particular incident, while Windows XP users can use Google Chrome or Firefox (which are still supporting the OS) or enable Enhanced Protected Mode (as suggested by Microsoft in the list of workarounds), there are some excellent alternatives in Linux-based distributions including OpenSuSE or Lubuntu.