As I reported last week, Microsoft has chosen to delay shipping a critical update for the Flash Player code in Internet Explorer 10 until the General Availability of Windows 8 in late October. Those security fixes, which were delivered to users of all other modern browsers on August 21, are not available to Windows 8 users who use Internet Explorer 10.
That means, if you are using Windows 8 in either a production environment or for evaluation purposes, you face an unacceptably high risk of being targeted by in-the-wild exploits aimed at those Flash vulnerabilities.
Read more at source:
Protect yourself from Flash attacks in Internet Explorer | ZDNet