Miller pointed out that , which patches a critical vulnerability in all supported versions of Windows, also applies to Windows 8 Consumer Preview.

Although the MS12-024 advisory does not mention Windows 8 Consumer Preview, anyone running that sneak peek will be offered the update, said Miller. Computerworld confirmed that MS12-024 was among several other non-security fixes Microsoft delivered to Windows 8 today.

According to Qualys, the bug in MS12-024 lets hackers hitch a ride inside legitimate software installation packages.

Amol Sarwate, manager of Qualys' vulnerability research lab, said the vulnerability would be very attractive to purveyors of phony antivirus software, a category often called "scareware" or "rogueware."

April's six security updates can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.