Nov. 9, 2012 at 9:04 PM ET
Windows 8, available publicly for two weeks now, is getting its first security update Nov. 13. It includes three critical updates; Windows 8 RT, for Microsoft's Surface tablet, has one critical update.
The vulnerabilities could allow a hacker to execute malicious code remotely on systems that aren't protected. You can learn more here. You can make sure you get the updates by setting your computer to automatically accept updates from Microsoft.
There will be other updates too, for other versions of Windows, including Windows 7, Vista and XP, as well as for Internet Explorer.
Meanwhile, security firm Bitdefender said Friday in its own testing that Windows 8, using Microsoft's own Windows Defender anti-malware protection, was "prone to infection" by 15 percent of the 100 malware "families most used by cyber criminals this year."
Read another way, that means Windows Defender — which is included as part of Windows — was 85 percent effective.
No anti-malware product, of course, is 100 percent effective because code, viruses, worms, Trojans and spam are shape-shifters in the hands of criminals or mischief-makers.
NBC News contacted Microsoft for comment about Bitdefender's study. "Microsoft is committed to providing a trustworthy computing experience and continues to invest heavily in continuously improving our security and protection technologies," a company spokesman said in an emailed statement.
Bitdefender said the malicious sample set it used "consisted of the families of malware detected most frequently in the past six months" by its own real-time virus reporting system.
The malware that successfully bypassed Windows Defender was capable of granting backdoor access to the system, intercepting keystrokes, stealing online games credentials, and more.
When tested without Windows Defender activated, the results were worse. Of the 385 samples, 234 ran successfully. Another 138 samples could not be started on the machine on various reasons, six e-threats executed but then crashed, and seven others launched but had their payload was blocked by UAC (User Account Control).
"Even if the new operating system boasts a major overhaul in terms of visuals with the introduction of the Advanced UI, Windows 8 with the default antivirus solution activated registers alarming detections rates similar to the one registered by Windows 7," said Alexandru Balan, Bitdefender chief security researcher, said in a statement.
While some may see the firm's finding as a glass half empty — or full — the more important message may be that using anti-malware protection — no matter which make — is a must for every user.
This story was updated at 9 p.m. ET.
— via The Next Web