Microsoft’s Patch Tuesday is Back

By

Microsoft missed the entire month of February, leaving Windows users exposed to attacks.

After delaying Patch Tuesday in February, Microsoft has released security updates for March. The latest updates fix more than a dozen vulnerabilities.

According to Wccftech, “Among the patches, Microsoft has also fixed a ‘critical’ flaw, which was publicly disclosed earlier last month following Microsoft missing February’s Patch Tuesday. The exploit code related to a Windows SMB bug was made available by Laurent Gaffie, but Microsoft hasn’t credited Gaffie in the bulletin.”

One of the most severe vulnerabilities was in Microsoft Windows SMB Server, which, according to the Microsoft security bulletin, “could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.”

You can read more about all of the vulnerabilities that were patched in this update online.

What’s still not clear is why Microsoft delayed February’s patches, especially in times when government agencies and cybercriminals are rigorously finding and exploiting any such vulnerabilities. It’s also unknown why Microsoft didn’t patch many serious vulnerabilities for more than three months that were discovered by Google researchers.

03/14/2017
comments powered by Disqus

SysAdmin Day 2017!

  • Happy SysAdmin Day 2017!

    Download a free gift to celebrate SysAdmin Day, a special day dedicated to system administrators around the world. The Linux Professional Institute (LPI) and Linux New Media are partnering to provide a free digital special edition for the tireless and dedicated professionals who keep the networks running: “10 Terrific Tools."

Special Edition

Newsletter

Subscribe to ADMIN Update for IT news and technical tips.

ADMIN Magazine on Twitter

Follow us on twitter