While Microsoft is still holding back Windows patches originally scheduled for earlier this month to March's Patch Tuesday release, the company has broken with its roadmap in a more positive way with the out-of-band launch of security patches for vulnerabilities in Adobe's Flash Player software.
Microsoft surprised users earlier this month with the news that it was to
skip February's Patch Tuesday release, the monthly launch of security and feature patches for all its software which traditionally takes place on the second Tuesday of the month. While initially it appeared to be a temporary delay due to what Microsoft described as a '
last-minute issue,' the company then announced that it was cancelling February's Patch Tuesday altogether in favour of giving itself until March's scheduled release to solve the as-yet undetermined problem it had encountered - leaving its users at the mercy of known zero-day vulnerabilities, including a flaw in the graphic device interface (GDI) subsystem
publicised by Google's Project Zero.
Those running a recent Windows release, though, may see Windows Update fire itself up in the coming days - but it's not for the now-cancelled February patch roll-up, but instead out-of-band fixes for critical security vulnerabilities in Adobe's Flash Player software as bundled with the Internet Explorer and Edge browsers. The patches are being made available to users of Windows 8, Windows 8.1, Windows Server 2012 and the R2 release, Windows Server 2016, and Windows 10, and should be installed even if you use a different default browser.
Microsoft has still not revealed the cause of the Patch Tuesday cancellation, nor has it detailed why it has released the out-of-band update for Flash Player while leaving other zero-day flaws in its software unresolved.
Want to comment? Please log in.