Internet Explorer 10 Flash Plugin: a Vulnerability


Internet Explorer 10 is not getting Flash updates on time

Like Google chrome, internet explorer 10 on windows 8 bundles a flash player within the browser. But internet explorer is not getting flash updates on time because the plugin that bundles the Adobe auto update tools failed to update flash nor it can be manually downloaded by the users. The only way to update the flash is Windows update which means that the updates can be only available for the users by Microsoft but they are still not delivered to them.

Internet explorer 10 is different from its previous versions for two main reasons. Firstly, it exists as a classic desktop version as well as modern UI version that differ significantly from each other. Modern UI version doesn’t require any additional plugin and is more restricted than the desktop version. However Microsoft has integrated flash player into Internet explorer 10 to avoid any issues from flash-based sites. But due to absence of the plugins both version are only able to display contents in browsers only. Secondly, the update of Adobe Flash will be distributed through Microsoft windows update.

The version of the flash plugin pushedFlash within Internet Explorer 10 in windows 8 has become out of date which leaves users towards exploitation. However Microsoft said that it would not launch their patch for Internet Explorer till 26 October, until the windows 8 will be publicly released.  However adobe patch a flash on August 21 to solve the security flaws but it failed to do job for the internet explorer 10.

However a broad issue underlying there is that Microsoft ships its patch on every second Tuesday of each month and Adobe shipping its patches on every third and fourth Tuesday of each month. This leaves a potential gap between releases and this gap has is making situation difficult for the users.

This situation leaves a systematic vulnerability that Microsoft patches its Internet Explorer on second Tuesday of the month and Adobe will patch its security flaws after one or two weeks, this cause users to wait for the second Tuesday of the month for new Microsoft patch. Similarly Microsoft users have to wait for third or fourth Tuesday of the month in order to get Adobe’s new Flash security Flaws. This policy of the companies leaves user with vulnerability.

IE 10 with Flash

To avoid these issues an evident and appropriate solution would be that all Flash plugins whether for Chrome, Safari, Firefox and Internet Explorer or its older version should be patched simultaneously.

However , still there is no solution has been determined by both companies however according to one of the Microsoft director statement, both companies have been working to get rid of this problem and to avoid this condition of vulnerability.

To avoid these issues, it is recommended to avoid accessing Flash contents with Internet Explorer 10 on windows 8 or simply switch to other browsers so that these problems will not arise.

Advertisements