DecryptedTech

Monday03 October 2022

Microsoft patches Flash bugs in Windows 8


Reading time is around minutes.
flash-bug

On Friday Microsoft released an update for Flash on Windows 8 to protect their users from hacker attacks that could’ve started long ago since the bugs were here for quite some time. As it was stated about a week ago, Microsoft decided to take care of this bug and provided a patch for it Firday. Even though Flash Player is a product of Adobe, the whole work had to be done by Microsoft because they copied Google's Chrome and implemented Flash Player into their browser, Internet Explorer 10. They announced the implementation in May, saying “By updating Flash through Windows Update, like IE, we make security more convenient for customers.”

Even though Adobe shipped a few security updates in August that patched eight vulnerabilities, the RTM version of Windows 8 was still lacking those. One of those eight zero-day bugs have been exploited by hackers for quite some time and with these patches coming to Windows RTM and to the final public beta Release preview it will solve the know issues. Yunsun Wee, director of Microsoft's Trustworthy Computing team stated that "On a quarterly basis when Adobe normally issues Flash Player updates, we will coordinate on disclosure and release timing," meaning that they will continue to provide future Flash Players updates for IE10 in Windows 8.

If we consider that Adobe in 2012 released seven Flash updates so far; one in February, two in March, one in May and June and two in August, it is a bit confusing how Microsoft plans to do their updates quarterly. Wee also stated that "When the threat landscape requires action outside of Adobe's normal update cadence, ...we will issue updates outside of our regular monthly security bulletin release,". Will this bring more users to IE 10? I doubt it, especially with the fact that they took so long to release their patches, and when user security doesn’t come first, well there is just no excuse.

[Ed – Microsoft appears to have botched security in Windows 8 in more ways than just Flash Player. As we have talked about before there are some rather gaping holes in security and also in the ability to remove infections once they get in. This becomes an even bigger issue with Microsoft’s massive push to cloud computing…]

Discuss this in our Forum

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.