Cyber security firm Symantec said it had carried out tests that confirmed the vulnerability crashes Internet Explorer on Windows XP. "This will be the first zero day vulnerability that will not be patched for Windows XP users," it said.