Microsoft Patches Flaws in Windows 8 and Windows RT

Bangalore: Microsoft announced that it has patched over 19 flaws in Windows, across utilities such as Internet Explorer 9 (IE9), Excel and the .Net development framework. The patch also covered certain flaws in the newly-released operating systems Windows 8 and Windows RT.

On Tuesday, out of 6, four were labeled ‘critical’, while the remaining where marked either ‘important’ or ‘moderate.’

"The IE9 bulletin is the one that should be patched first," said Andrew Storms, director of security operations at nCircle Security. "It's a drive-by," he added. Storms also mentioned various tactics that hacker’s uses to trick users into browsing to a malevolent website.

Microsoft has revealed that the update patches three flaws in Windows Kernel mode driver, among which one is credited to be ‘critical.’ The flaw is said to be a ‘TrueType Font’ flaw, which only can be exploited by highly advanced hackers.

"Despite the fact that it looks nasty, it's not very realistic to expect working exploits," said Storms.

The vulnerability was revealed during Google’s bug bounty programme as it is said that Google paid a pair of researchers $5,000 for rooting out the flaw.

"I'm sure Microsoft is disappointed to have released Windows 8 in late October and have already issued patches for it," said Storms. "But truth be told, a lot of code is reused, and it shouldn't be surprising to see bug fixes in Windows 8. Despite all the hype about newer platforms being the most secure, bugs will be found and bugs will be fixed."