April Patch Tuesday: Most Windows Versions Affected

Big fixes are now available for virtually every Microsoft operating system (OS), including the new Windows 8 and Windows RT. April's Patch Tuesday release addresses 'critical' vulnerabilities found in most versions of Windows.

The first critical flaw focuses on Microsoft's Internet Explorer web browser and applies to versions 6 through 10. The fix will address a flaw that could allow for a drive-by hack, meaning hackers could use the hole to attack machines by leading victims to websites laced with malware.

Windows XP Through Windows 8 Systems Affected

This means that virtually every Microsoft operating system is vulnerable, from Windows XP machines to Windows 8 computers and Windows RT tablet devices.

"This is one of the few bulletins this month that has a critical impact on the current code, hitting Windows 8, Windows RT and Windows 7 with a critical remote code execution issue," noted Lumension security expert Paul Henry.

"We recommend that this bulletin be your first patch and you should update Internet Explorer while you're at it." (Source: pcworld.com)

Flaw Could Allow Hackers to Take Control of a PC

A second critical fix focuses on Windows XP (Service Pack 3), Windows Vista (Service Pack 2), and Windows 7.

"This bulletin does not affect Windows 8 or RT, but will likely still impact a lot of people because many have not yet upgraded to those operating systems," Henry noted.

The fix is designed to patch a vulnerability that could allow a hacker to manipulate privileges in a way that makes a system vulnerable to malware injection. (Source: zdnet.com)

There are also seven bulletins Microsoft has rated 'important,' its second-highest security rating. One of the most concerning affects Windows Defender, part of the default security package installed on Windows 8 and Windows RT systems.

"Windows Defender is an important security component for the new operating systems, so it's a little concerning to see it impacted here, even if only at an 'important' rather than critical level. If you're running either of those systems, I would patch this important bulletin first," Henry said. (Source: pcworld.com)