Microsoft: No security patches this month

Summary:Microsoft's Patch Tuesday train will be empty this month.A advance notice from Redmond says there are no security updates on tap for Tuesday, March 13, the day set aside for software fixes.

Microsoft's Patch Tuesday train will be empty this month.

A advance notice from Redmond says there are no security updates on tap for Tuesday, March 13, the day set aside for software fixes.

Microsoft said it is investigating "potential and existing vulnerabilities" but, because of its rigid patch testing routines, none of the updates are ready for this month's release cycle.

"Creating security updates that effectively and comprehensively fix vulnerabilities is an extensive process involving a series of sequential steps. All updates need to meet testing standards in order to be released. This ensures that our customers can confidently install these updates in their environment," a company spokesman said.

"There are many factors that impact the length of time between the discovery of a vulnerability and the release of a security update, and every vulnerability presents its own unique challenges," he added.

The last time Microsoft did not offer security updates as part of its monthly update cycle was September 2005.

Last month, Microsoft shipped a total of 12 bulletins with patches for at least 20 vulnerabilities in a wide range of software products.

There are several known vulnerabilities affecting Microsoft customers that remain unpatched, including a critical Microsoft Word vulnerability that surfaced one day after the January release of patches. The MS Word flaw was found during an in-the-wild zero day attack.

According to eEye's Zero Day Tracker, there are five well-known bugs in Microsoft products that are without fixes. FrSIRT has a more comprehensive unpatched list that includes two remote code execution flaws affecting Microsoft Office.

Topics: Security, Microsoft

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.