Windows 8, RT to Get First Critical Security Patches
Microsoft is set to release its first security patches for Windows 8 and RT operating systems. These patches are meant to address vulnerabilities in Windows, Internet Explorer and the .NET framework.
According to Microsoft's Security TechCenter, the November edition of security patches will fix three of the critical vulnerabilities affect Windows 8 and other versions of the Windows operating system, right down to Windows XP. According to the bulletin, Windows 8 RT appears to have only one critical vulnerability; however, Internet Explorer 10 that is exclusive to Windows 8 and Windows 8 RT systems isn't on the list of affected versions of the company's Internet Explorer software.
Besides addressing those critical flaws, Microsoft will be issuing two additional bulletins addressing security flaws in Office software suite and Windows operating systems. The first bulletin addresses the security flaw in Office software suite that may allow for remote code execution while the second pertains to "information disclosure" in the Windows operating systems. Microsoft has not released the exact details of the security vulnerabilities but the company will hold a Webcast about the security updates and patches after their release this coming Tuesday.
As an interesting note to our readers, the security bulletins were released in the wake of an announcement by Vupen, a private security analysis firm who announced that they had managed to "chain" multiple vulnerabilities in Windows 8 and Internet Explorer 10 to remotely execute code via a webpage that allowed them to take over an affected Windows 8 machine. According to Bitdefender senior product manager Alex Balan who spoke to PCWorld, Microsoft has made much improvement in securing Windows 8; however, no software is truly free from exploits.