Microsoft issues patches for IE exploit and Windows 8 Flash flaw

Two new patches released to fix various IE bugs
Author:
Publish date:
2-ie-logo-web.jpg

Microsoft has already released a patch for Flash vulnerabilities in Windows 8, despite the OS having not been officially released, along with a fix for a recently discovered zero-day exploit.

PCR reported last week that a zero-day exploit had been discovered for Internet Explorer, which can be used to load malicious software on machines running Windows XP, Vista or 7 along with the various versions of the IE browser.

Three days later Microsoft admitted a fix hadn’t been completed yet and offered a workaround until a patch was released.

An emergency patch was released on Friday, most users have automatic updating enabled and will not need to take any action because this security update will be downloaded and installed automatically.

Those who have not enabled automatic updating need to check for updates and install the fix manually. You can do so by using the Microsoft Update service.

Microsoft has also released a separate patch, this time solving issues related to the Adobe Flash Player component of IE 10.

The current problems only affect IE 10 running on Windows 8 and Windows 2013 server. Although Windows 8 has not had an official public release, researchers testing the RTM version found a bug that could cause Flash to crash, making way for attackers to take control of the user’s machine.

More information on this patch can be found at Microsoft’s Security TechCenter blog.

Want to receive up-to-the-minute tech news straight to your inbox? Then click here to sign up for the completely free PCR Daily Digest and Newsflash email services. You can also follow PCR on Twitter and Facebook.

Related