Patch Tuesday Security Updates Nixed

By NewsFactor Network | March 9, 2007

With Daylight Savings Time patches being deployed and tested, corporate I.T. administrators can catch their breath next week as Microsoft scrubs its monthly Patch Tuesday release.

Despite eEye Digital Security’s Zero-Day Tracker showing at least five zero-day software vulnerabilities are as yet unaddressed, Redmond said it has no plans to issue new software security updates in March.

Last moth, Microsoft released 12 updates that patched 20 security holes in its products. January saw four security bulletins that addressed 10 bugs. Redmond is reportedly developing fixes for vulnerabilities in Publisher 2007, Internet Explorer 7, and Windows Vista, but I.T. admins will have to wait until at least April to plug the security holes.

Security Researchers Puzzled

Microsoft has only skipped Patch Tuesday a few times since it launched the monthly security patch distribution cycle in 2003. Microsoft’s last Patch Tuesday time out was September 2005. Security researchers are offering various responses to the news.

“We were not expecting this and we’re not sure what to make of it,” said Mikko H. Hypponen, chief research officer at F-Secure.

PI Dynamics Security Evangelist Michael Sutton, however, has some definite opinions. He said that, while there can be little doubt that coordinating a patch release takes a tremendous amount of planning and effort, it is cause for concern when an opportunity to release patches for unpatched vulnerabilities expires without action.

“You will find no fewer than a dozen vulnerabilities that have been reported to Microsoft,” Sutton said, noting advisories posted by TippingPoint and eEye. “Many of the advisories are several months old, so it is difficult to accept that Microsoft has not had sufficient time to prepare an patch.”

A Welcome Reprieve?

Meanwhile, Thomas Kristensen, CTO of Secunia, said he has the impression that many I.T. admins welcome the monthly patch reprieve. What’s more, he said he is confident…

Topics: Tech News |

« FlashFog foils auto theft attempts with rave supplies | Main | Final Plans Set for DST Computer Change »

Comments

Name (required)

Mail (will not be published) (required)

Website

Similar Posts

Microsoft Rolls Out New Round of Patches
Microsoft Leaves Critical Word Flaws Unpatched
Patch Tuesday: Microsoft Fixes 20 Security Bugs
Microsoft Issues Updated Excel Patches
Hackers Actively Exploit New Microsoft Word Flaw
New Worm Attacks Through Symantec Antivirus App
Microsoft Warns of New Excel Vulnerability
Apple Patches Serious QuickTime Bugs
Apple Patches Critical QuickTime Flaw
Microsoft Confirms New Word Vulnerability
‘Apple Bugs’ Project Lists 10 Mac Security Holes
Adobe Patches Acrobat Security Flaw
Will Vista Security Make a Difference?
Tech Prep You Need for March 11 Early Change to DST
Rootkit hack taps Greek prime minister’s phone
I.T. Countdown: Preparing for March 11 Time Change
RFID Hacker Demo Canceled at Black Hat Conference
Mozilla updates Firefox and Camino, Firefox Beta 3 on the horizon
Windows Vista Activation System Cracked
Sony BMG album mar your PC? Here’s $150