Microsoft says attackers are exploiting a critical unpatched Windows vulnerability using infected USB flash drives. The bug is the first that affects Windows XP Service Pack 2 (SP2) since Microsoft retired the edition from support. When Microsoft does fix the flaw, it will not be providing a patch for machines still running XP SP2. Microsoft did not set a timeline for patching the zero-day vulnerability; its next Patch Tuesday is not until Aug. 10. The vulnerability was first mentioned on June 17 in an alert issued by VirusBlokAda, a little-known security firm.”]
Source: https://www.csoonline.com/article/2125438/microsoft-confirms–nasty–windows-zero-day-bug.html