Adobe has confirmed reports that IE10 in Windows 8 is vulnerable to certain attacks, and will remain vulnerable to them until Windows 8 is officially released in October. The reason for this is that Microsoft has integrated Flash into their browser, and Microsoft is responsible for updating the browser for this type of attack. Microsoft has already announced that IE10 will be patched for this vulnerability, but that patch will not be applied until the operating system is officially released.
So for now, users of Windows 8 and IE10 are caught in a version of Catch-22. The exploit is known, and has been seen on the net. Adobe has already patched their releases of Flash, but cannot do so for IE10 in Windows 8.
And so, in the name of convenience for the end users by making updates to Flash only through Windows Update , Microsoft has stubbed their toes once again in regard to parts of Windows 8.
You can read more on the story at ComputerWorld.
