Click here to visit Original posting
Well, here’s something different. Microsoft, for the first time since it started its monthly Patch Tuesdays in October 2003, has completely blown a deadline. There will be no major patch release in February. Instead, the patch package will be released on March 14.
Why? We don’t know and Microsoft isn’t saying.
Color me concerned.
I have reason to be. Greg Lambert, chairman of Qompat, who covers software patches like paint, had hoped Microsoft would delay the patches by only a week. After all, Lambert observed, “This month’s update cycle from Microsoft is especially important as a now critical zero-day vulnerability (CVE867968) has been reported related to how a component of the Microsoft SMB [Server Message Block] protocol handles traffic. This was initially reported as a denial of service attack, but now looks like to be rated as critical by Microsoft as it may lead to a more serious (RCE) remote code execution scenario.”
To read this article in full or to leave a comment, please click here