Your one-stop web resource providing safety and security information to manufacturers

Microsoft patched dozens of vulnerabilities across 18 bulletins in its return to Patch Tuesday after a month-long patch hiatus.

Among the patches include one “critical”-rated flaw, which had publicly disclosed exploit code since early February.

Microsoft Doubles Bug Rewards – For Now
Microsoft Opens Security Center in Mexico
Canadian Security Institute Launches
National Cyber Incident Plan Published

The vulnerability relates to a Windows SMB bug, of which its proof-of-concept code released prior to this month’s scheduled Patch Tuesday.

The memory corruption bug could allow a remote, unauthenticated attacker to crash an affected machine, according to an advisory posted by Carnegie Mellon University’s public vulnerability database posted in February.

Cyber Security

Laurent Gaffié, who found the flaw last year, released the exploit code just days before Microsoft was going to patch the issue in February.

Although Microsoft fixed the bug, Gaffié did not get credit with an acknowledgement in the bulletin.

Microsoft said all versions of Windows suffer in varying degrees by the bug.

The company also fixed eight other critical flaws — which includes two cumulative updates for Internet Explorer and its Edge browser. Nine other important bulletins ended up issued.

March’s patches are available through Windows Update.

Microsoft delayed its Patch Tuesday schedule last month for the first time in its history, with the exception of one critical Flash bug.

Pin It on Pinterest

Share This