As Microsoft continues to lackadaisically count down the days until its March Patch Tuesday, yet another zero-day bug has been publicly unveiled.
This new bug, also announced by Google’s security research team, affects both Internet Explorer 11 and Microsoft Edge:
This makes the second bug revealed in just a few weeks time. Microsoft customers were already waiting for a third bug to be completely fixed since late 2016 – which Microsoft failed to acknowledge with a fix in January. Microsoft then skipped February’s Patch Tuesday altogether, stating it would resume security patching in March.
The company hasn’t been forthcoming about why it skipped providing security patches for its platform in February, but as the next Patch Tuesday approaches, the security problems are stacking up. Many suggest that Microsoft’s new patching strategy is flawed, leaving customers open to security vulnerabilities and software flaws because the company now waits to deliver a single, cumulative update instead of delivering fixes as needed. Many customers joked about Microsoft giving them a much needed break in February, but also voiced concern and worry that the software company’s security policies may be off the rails.
Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in San Francisco in 2017!