As Microsoft nears the release of Windows 8 on October 26, the hackers are also gearing up to find active exploits in the OS, and its supported applications. It seems like they now have one, even before the release of Windows 8. Adobe has confirmed that the Flash Player that will come as a part of IE in Windows 8 is open to active exploits.
However, Microsoft doesn’t have any plans of patching up the vulnerability until the very day of the availability of the OS. The company intends to patch it through a Windows Update.
According to a Microsoft spokesperson, “We will update Flash in Windows 8 via Windows Update as needed. The current version of Flash in the Windows 8 RTM build does not have the latest fix, but we will have a security update coming through Windows Update in the GA timeframe.”
So far, Chrome had been the only browser which came integrated with a Flash Player. Now, Microsoft has followed suit and equipped its Internet Explorer 10 with the Player too. Just recently, Adobe had discovered some critical vulnerabilities in its player for which it released eight patches.
However, Microsoft hasn’t yet implemented these patches to IE10 in Windows 8. So far “Flash Player 11.3.372.94 does not incorporate the fixes released in APSB12-18 and APSB12-19”, says Adobe spokesperson. Adobe also confirmed on its forums that there are no Flash patches coming for Windows 8 until the OS is released in late October.
Courtesy: Computer World