Temporary patches are now available for all the three Windows zero-days that have been disclosed in the past month. A first temporary patch was released last week, and two others followed this week.
The patches have been made available by a third-party security firm after Microsoft did not release official fixes at the start of the month, during its regular January 2019 Patch Tuesday update window.
To install the temporary patches (also called micropatches), users must install the 0patch Agent client from Acros Security.
The 0patch software was initially created for companies that use old Windows versions across their PC fleet, so Acros experts can deploy patches for new bugs affecting old versions of the Windows operating systems that have reached End-Of-Life (EOL) and are not receiving official updates from Microsoft anymore.
However, over the past year, Acros has also been using its 0patch client to deliver temporary patches for security flaws that Microsoft's staff did not get to fix, for one reason or another, during its regular Patch Tuesday update window.
Over the last five days, Acros experts have released three micropatches for the three Windows zero-days for which proof-of-concept (PoC) exploit code has been posted online, opening the window for possible real-world attacks against Windows users.
The three zero-days that have been disclosed over the past month and which have received micropatches are as follow:
For now, none of the three Windows zero-days or their respective PoCs have been observed being used in the wild by any malware author or cybercriminal group.
According to security researchers who analyzed the zero-days on Twitter and on security forums in the last month, the main reasons might be that the zero-days either need to be combined with other exploits, aren't always reliable, or can't be used with mass spam distribution campaigns, being only useful in very targeted attacks.
A brief history of Microsoft's Surface: Missteps and successes