PDA

View Full Version : Internet Explorer 10's bundled Flash leaves users exploitable


News
09-06-12, 07:00 PM
Early users of Windows 8's built-in Internet Explorer may find themselves at risk of exploitation via the Flash plugin, as the version included with Windows 8 is out of date. Adobe patched Flash on August 21 to resolve known security flaws, but the patch can't be applied to Internet Explorer 10.

Internet Explorer 10 bundles Adobe Flash (http://arstechnica.com/information-technology/2012/05/windows-8-will-integrate-include-adobe-flash/), with Microsoft taking on responsibility for shipping updates to the integrated plugin. One repercussion of this arrangement is that Adobe's patches and autoupdate mechanism can't be used; they can update the standalone version used by Firefox, but not the embedded version in Internet Explorer. The same is true of Chrome; it includes an embedded version of Flash, and the only way to update that is with a Chrome update. Adobe's updater can't touch it.

There has been some chatter on Twitter about this issue since Adobe shipped its most recent patch. Ed Bott at ZDNet asked Microsoft about the issue, and was told (http://www.zdnet.com/microsoft-puts-windows-8-users-at-risk-with-missing-flash-update-7000003834/):

Read 7 remaining paragraphs (http://arstechnica.com/information-technology/2012/09/internet-explorer-10s-bundled-flash-leaves-users-exploitable/) | Comments (http://arstechnica.com/information-technology/2012/09/internet-explorer-10s-bundled-flash-leaves-users-exploitable/?comments=1#comments-bar)



http://feeds.feedburner.com/~ff/arstechnica/index?i=3UQe3u8fq4g:STiHLHK08yU:V_sGLiPBpWU (http://feeds.arstechnica.com/~ff/arstechnica/index?a=3UQe3u8fq4g:STiHLHK08yU:V_sGLiPBpWU) http://feeds.feedburner.com/~ff/arstechnica/index?i=3UQe3u8fq4g:STiHLHK08yU:F7zBnMyn0Lo (http://feeds.arstechnica.com/~ff/arstechnica/index?a=3UQe3u8fq4g:STiHLHK08yU:F7zBnMyn0Lo) http://feeds.feedburner.com/~ff/arstechnica/index?d=qj6IDK7rITs (http://feeds.arstechnica.com/~ff/arstechnica/index?a=3UQe3u8fq4g:STiHLHK08yU:qj6IDK7rITs) http://feeds.feedburner.com/~ff/arstechnica/index?d=yIl2AUoC8zA (http://feeds.arstechnica.com/~ff/arstechnica/index?a=3UQe3u8fq4g:STiHLHK08yU:yIl2AUoC8zA)
http://feeds.feedburner.com/~r/arstechnica/index/~4/3UQe3u8fq4g

More... (http://feeds.arstechnica.com/~r/arstechnica/index/~3/3UQe3u8fq4g/)