Microsoft’s Patch Tuesday is Back
After delaying Patch Tuesday in February, Microsoft has released security updates for March. The latest updates fix more than a dozen vulnerabilities.
According to Wccftech, “Among the patches, Microsoft has also fixed a ‘critical’ flaw, which was publicly disclosed earlier last month following Microsoft missing February’s Patch Tuesday. The exploit code related to a Windows SMB bug was made available by Laurent Gaffie, but Microsoft hasn’t credited Gaffie in the bulletin.”
One of the most severe vulnerabilities was in Microsoft Windows SMB Server, which, according to the Microsoft security bulletin, “could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.”
You can read more about all of the vulnerabilities that were patched in this update online.
What’s still not clear is why Microsoft delayed February’s patches, especially in times when government agencies and cybercriminals are rigorously finding and exploiting any such vulnerabilities. It’s also unknown why Microsoft didn’t patch many serious vulnerabilities for more than three months that were discovered by Google researchers.