Microsoft is releasing a security update for Internet Explorer that closes a gap that allowed attackers to take complete control of a computer. It also issued the update to Windows XP users, despite dropping support for the older operating system last month.

The update was scheduled to go live at 1 p.m. EST Thursday.

Adrienne Hall, general manager of Microsoft Trustworthy Computing, said in a statement that the company decided to fix the problem quickly for all customers, saying it takes the security of its products “incredibly seriously.”

Microsoft reported the problem Saturday, saying it was aware of “limited, targeted attacks” and that the vulnerability affected Internet Explorer versions 6 through 11

The company said users with automatic updates enabled don’t need to take any action.

Hall offered an explanation in a blog post:

If you are like most people, you have automatic updates turned on, and you’ll get this new update without having to do anything. If you haven’t turned it on automatic updates yet, you should do so now. Click the “Check for Updates” button on the Windows Update portion of your Control Panel to get this going.

One of the things that drove much of this coverage was that it coincided with the end of support for Windows XP. Of course we’re proud that so many people loved Windows XP, but the reality is that the threats we face today from a security standpoint have really outpaced the ability to protect those customers using an operating system that dates back over a decade. This is why we’ve been encouraging Windows XP customers to upgrade to a modern, more secure operating system like Windows 7 or Windows 8.1.

Even though Windows XP is no longer supported by Microsoft and is past the time we normally provide security updates, we’ve decided to provide an update for all versions of Windows XP (including embedded), today. We made this exception based on the proximity to the end of support for Windows XP. The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown. Unfortunately this is a sign of the times and this is not to say we don’t take these reports seriously. We absolutely do.