Are you running the Windows 8 RTM yet? If you are, you may want to be careful out there, suggests Ed Bott from ZDNet. Internet Explorer 10's embedded Flash component suffers from a number of critical vulnerabilities which allow hackers to crash and take control of affected systems.
While such exploits are nothing new nor impossible to avoid, Microsoft's Chrome-like IE10-Flash integration makes Windows Update the middleman. Users aren't able to manually install updated versions of Flash themselves anymore. Rather, updates from Adobe must be integrated into IE10 update packages first and then made available by Microsoft to the general public.
Unfortunately – and here's the problem – Microsoft has told ZDNet that it will not be issuing an update until the "GA timeframe". GA is the time Windows 8 is expected to be generally available, which is October 26.
Microsoft's lethargic response to critical security updates has often been criticized, but they aren't the only company with an occasional, molasses-like stride. Apple too, has received its share of criticism. The Cupertino-based company also had its own Flash-related problems a few years ago, prompting it to remove Flash entirely, barring it from shipping with Mac OS X.
Incidentally, Google's Chrome also houses its own embedded Flash module. Unlike IE10 under Windows 8 though, Adobe's hotifx had already been implemented on August 21 and subsequently pushed out to users.
If Microsoft hopes to avoid embarrassing itself by keeping IE10 safe and secure, the software maker should definitely consider timely updates as part of its strategy. Hopefully, critical patches like these will begin to be swiftly rolled out once Windows 8 hits mainstream.