Microsoft has delivered several security updates to patch 11 vulnerabilities in Windows, Internet Explorer (IE), Office and several other products, including one bug that attackers are already exploiting.
The company also issued the first patch for Windows 8 Consumer Preview, the beta-like build Microsoft released at the end of February.
MS12-024, which patches a critical vulnerability in all supported versions of Windows, also applies to the Windows 8 Consumer Preview.
Although the MS12-024 advisory does not mention Windows 8 Consumer Preview, anyone running that sneak peek will be offered the update.
According to Qualys, the bug in MS12-024 lets hackers hitch a ride inside legitimate software installation packages.
Amol Sarwate, manager of Qualys’ vulnerability research lab, said the vulnerability would be very attractive to purveyors of phony antivirus software, a category often called “scareware” or “rogueware.”