Thursday, September 27, 2012

Microsoft fixes flaw in Internet Explorer on Windows 8

Microsoft today released a security fix for Internet Explorer 10 in Windows 8. A critical flaw in Flash Player plugin now comes integrated with the browser, could allow a hacker to control your computer remotely using a victim's Windows, Linux, OS X, Android and iOS.


The Flash Player vulnerability had been patched by Adobe in late August, so if you are using the latest version of the plugin will not be affected. In Windows 8, the story is different: the plugin is integrated with Internet Explorer and can not update or remove Flash system. To make matters worse, an employee of Adobe had said that the problem would not be resolved before the release of Windows 8, which happens in late October.

In the blog post Microsoft security, the company used to say that it is working with Adobe to ensure that security updates are distributed efficiently. Adobe releases patches quarterly packages if a fault is discovered serious and require immediate action, Microsoft can also flush out the Patch Tuesday updates, a package launched every second Tuesday of the month.

Another critical vulnerability in Internet Explorer was discovered recently: a zero-day flaw, which fortunately has not been explored on a large scale, allow remote code execution if a user entered a malicious page. The flaw affects versions 6, 7, 8 and 9 of Internet Explorer (yes, version 6 still receives updates) patch and the patch can be downloaded here.

If you did not enable automatic updates in Windows 8 or Windows Server 2012, we recommend downloading the patch or run Microsoft Update as soon as possible.