About a week and a half ago, Microsoft back peddled from its earlier decision of patching the vulnerability in Windows 8 after it is released publicly on October 26 and said that it will be releasing the patch ‘shorty’. The reason Microsoft needs to patch flash vulnerabilities on its own is that it has built Flash player into the Internet Explorer 10.
The patch updates the Flash player version of Internet Explorer 10 to 11.3.374.7 confirmed Computer World. This is just a one off update from Microsoft as for future updates it has pledged that it will be working with Adobe and will have a co-ordinated release. Yunsun Wee, director of Microsoft’s Trustworthy Computing team noted on a blog post, “On a quarterly basis when Adobe normally issues Flash Player updates, we will coordinate on disclosure and release timing.”
Still, this doesn’t mean that Microsoft will not be releasing updates for critical vulnerabilities. Wee writes, “When the threat landscape requires action outside of Adobe’s normal update cadence, we will also work to align our release schedules.”