/>
X

Microsoft issues critical security patches, but leaves zero-day flaws at risk

Windows users will have to wait another three weeks to patch two serious vulnerabilities with exploit code when Microsoft's regular patching schedule resumes.
zack-whittaker-hs2016-rtsquare-1.jpg
Written by Zack Whittaker on

(Image: file photo)

Microsoft has patched "critical" security vulnerabilities in its browsers, but has left at least two zero-day flaws with public exploit code.

The software giant released numerous patches late on Tuesday to fix flaws in Adobe Flash for customers using Internet Explorer on Windows 8.1 and later, as well as Edge for Windows 10.

The patches are available over Windows Update.

A handful of large companies were alerted to the incoming patches on Monday, but were told not to expect any more updates until next month's scheduled patch cycle, scheduled for March 14.

But the company failed to patch two flaws, which have publicly disclosed exploit code.

The first vulnerability relates to a Windows SMB bug, of which its proof-of-concept code was released just days prior to this month's scheduled Patch Tuesday. The other, released by Google earlier this week, relates to an Windows graphics library flaw, disclosed to Microsoft more than six months ago, according to the vulnerability report.

The patches land a week after the company's usually-timed Patch Tuesday, which the company delayed for the first time in its history.

But it's not know exactly what the root cause of the delay was.

ZDNet's Mary Jo Foley said sources familiar with the company's goings-on said problems with Microsoft's build system could be the cause of the delay.

A spokesperson for Microsoft would not comment further on the issue.

Related

Hackers are finding ways around multi-factor authentication. Here's what to watch for
a-man-looking-at-his-smartphone-while-sitting-at-a-computer-in-his-home-office

Hackers are finding ways around multi-factor authentication. Here's what to watch for

Security
How to use your phone to diagnose your car's 'check engine' light
BlueDriver Bluetooth dongle

How to use your phone to diagnose your car's 'check engine' light

Home & Office
A United Airlines pilot made a big speech to passengers. Not everyone will love it
screen-shot-2022-08-09-at-9-39-33-am.png

A United Airlines pilot made a big speech to passengers. Not everyone will love it

Business