Redmond is delivering a new patch for IE users on modern Windows

Apr 29, 2014 12:45 GMT  ·  By

Microsoft has recently found a zero-day flaw in Internet Explorer, but the company is currently investigating the issue, so a full-time patch for the vulnerability is expected to be released in the coming weeks.

In the meantime, the company rolled out a different security update for Internet Explorer users that's supposed to correct a security glitch in Adobe Flash Player that's only aimed at modern versions of its operating system.

“Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1. The update addresses the vulnerabilities in Adobe Flash Player by updating the affected Adobe Flash libraries contained within Internet Explorer 10 and Internet Explorer 11,” the company said in a security advisory rolled out today.

While no specifics have been provided on the flaw that this new update is addressing, a notification posted by Adobe yesterday reveals that it's actually aimed at fixing a security vulnerability in Flash that would allow an attacker to remotely access an unpatched system.

Windows, Linux, and Mac OS X clients are all supposed to be patched by this new version, with Adobe claiming that it's aware of limited attacks targeted against Windows users running the vulnerable build of Flash Player.

“Adobe has released security updates for Adobe Flash Player 13.0.0.182 and earlier versions for Windows, Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh and Adobe Flash Player 11.2.202.350 and earlier versions for Linux. These updates address vulnerabilities that could potentially allow an attacker to take control of the affected system,” Adobe said in the advisory.

At the same time, Microsoft is also working to fix the aforementioned zero-day flaw in Internet Explorer, which could be the first vulnerability that could leave Windows XP computers open to attacks.

Redmond says that Internet Explorer 10 and 11 are fully protected against this security flaw, but explained recently that with some workarounds, all vulnerable versions of its in-house browser could be configured in order to stay on the safe side.

Security experts across the world on the other hand recommend users to abandon Internet Explorer and go for a more secure browser that still receives updates on Windows XP, such as Google Chrome or Mozilla Firefox, both of which will continue to work on the now-dead operating system for at least 12 more months.