It only took days for hackers to take advantage of the Windows XP security vulnerability that was disclosed last week by a Google engineer.

The Windows XP exploit that was published by a Google engineer last week is now being exploited in the wild, according to researchers at Sophos Labs.

The vulnerability, which could allow remote code execution if a user views a specially crafted Web page using a Web browser, or clicks a specially crafted link in an e-mail message, was published by Tavis Ormandy just five days after he alerted Microsoft to the problem.

Sophos reported Tuesday that its labs received the first pro-active detection on malware that is spreading via a compromised website.

“This malware downloads and executes an additional malicious component (which will shortly be detected as Troj/Drop-FS) on the victim’s computer, by exploiting this vulnerability,” according to a blog post on the Sophos site.

Ormandy’s publication of the vulnerability’s details has been the subject of much criticism in the last week. Ormandy, who said the exploit is possible through most browsers, posted details of the vulnerability and proof-of-concept code to the Full Disclosure listserv – only days after giving Microsoft the information.

Many said that with his publication, Ormandy had ignored the rules of responsible disclosure of security vulnerabilities. Ormandy said he went public with the information because he believed his discovery would have otherwise been dismissed by Microsoft.