We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Microsoft confirms patch for Flash in IE10 coming soon

Microsoft is now working on a patch for critical flaws in Flash Player in Internet Explorer 10.

Adobe recently issued an update for the popular Flash Player utility to patch critical flaws that could allow an attacker to run malicious code on the target system. But, if youre using Windows 8, the version of Flash Microsoft has embedded in Internet Explorer 10 is still vulnerable. Good news, thoughan update is forthcoming to address that problem.

Adobe responds quickly to patch identified vulnerabilities, and most Windows users are conditioned to apply security updates as theyre released, but Microsoft is responsible for updating Flash in its Web browser. Windows 8 hasnt yet officially launched, though, and Microsofts initial response was that Flash would not be updated until after October 26 when Windows 8 becomes available to the general public.

A couple of the flaws addressed by Adobe were given its highest threat warning level, and are associated with attacks that are already circulating in the wild. Last week, Adobe confirmed that Windows 8 users are still vulnerable to these threats.

I asked Microsoft about speculation that a patch is imminent. Yunsun Wee, Director of Microsoft Trustworthy Computing replied with this statement: In light of Adobes recently released security updates for its Flash Player, Microsoft is working closely with Adobe to release an update for Adobe Flash in IE10 to protect our mutual customers.

Wee added, This update will be available shortly. Ultimately, our goal is to make sure the Flash Player in Windows 8 is always secure and up-to-date, and to align our release schedule as closely to Adobes as possible.

Microsoft isnt the first to embed its own version of Flash. Googles Chrome browser has had Flash baked in for a couple years now. However, Google has a solid track record of speeding patches to users as fast asor sometimes faster thanAdobe.

With Flash in Internet Explorer 10, Microsoft has to accept responsibility for addressing issues in a timely manner. Leaving these Flash vulnerabilities open is similar to the situation Apple put Mac OS X users in earlier this year when it was so slow to deploy an update for its proprietary Java implementation.

There is no confirmed timeline for an update from Microsoft, but its welcome news that Microsoft realizes the urgency of the situation, and is diligently working on a patch rather than leaving customers vulnerable until the end of October.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model