The Hacker News Logo
Subscribe to Newsletter

Window 8 will get its first critical patch this Friday

The Windows 8 and Windows RT security updates will be the first shipped since those operating systems' launch on Oct. 26. The latest vulnerabilities include three critical security vulnerabilities for Windows 8, and one critical security vulnerability for the Surface-based Windows RT operating system. These flaws are considered "critical" and could allow remote code execution on vulnerable systems.

Among the various flaws, versions from Windows XP (Service Pack 3) all the way through to Windows 8 are affected, including versions of the Office suite, and versions of Windows Server. Released only in September, Windows Server 2012 requires patching to maintain maximum security.
If you've enabled automatic updates, the patches will automatically install on Tuesday. As usual, the specific details about what is being fixed in these updates won't be revealed until the patches themselves are available for download in order to not give hacker groups an advanced heads-up.

Among the flaws, a few patches will be delivered for Internet Explorer that will fix a flaw that allows drive-by attacks on vulnerable systems, such as if the user visits a malicious Web page through the browser. There has been a lot of speculation about the cause of the Windows RT bug, with some saying that is the result of faulty hardware that may require the complete replacement of the Touch cover, while others believe that it’s really a software issue that may be resolved via a software update from Microsoft.
While the new operating system has been designed to be significantly more secure than its predecessors, it still contains legacy code from earlier operating systems, which may contribute to the problem. After the release of Windows 8 , researchers at VUPEN had found the first zero-day vulnerability and written an exploit for the new OS as well as Internet Explorer 10.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.