Skip to main content

Microsoft’s silence over unprecedented patch delay doesn’t smell right

posted onMarch 17, 2017
by l33tdawg

Last month, Microsoft took the unprecedented step of canceling Patch Tuesday, the company's monthly release of security fixes for its large stable of software products. The move meant that customers had to wait 28 days to receive updates that fixed vulnerabilities that allowed hackers to completely hijack computers and networks.

The last-minute move was all the more unusual because Microsoft made it a few days after exploit code for a Windows 10 flaw was released into the wild. In the nine days that followed the cancellation, technical details for two more serious vulnerabilities—one in Windows and the other in the Edge and Internet Explorer browsers—were also disclosed. Microsoft's security team almost certainly knew the latter two flaws would become public knowledge because Google's Project Zero privately reported the vulnerabilities to Microsoft and the bugs were subject to Google's long-standing 90-day disclosure deadline.

Source

Tags

Microsoft

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th