Microsoft Patch Tuesday and patch management
Patch management can be a full-time job by itself. Get advice on how to install a security patch, patch deployment, tools, and policy. Also get the latest news on Microsoft Patch Tuesday and vulnerabilities and security patch management updates from other major software vendors .
Top Stories
-
News
12 Jan 2022
Exchange Server woes continue on January Patch Tuesday
Exchange Server admins who had to cope with a Y2K22 error to start the new year have three more vulnerabilities of varying levels of severity to resolve for Patch Tuesday. Continue Reading
-
News
10 Nov 2021
Exchange zero-day corrected on November Patch Tuesday
Microsoft released a security update to shut down a publicly exploited vulnerability in the beleaguered on-premises messaging platform. Continue Reading
-
News
19 Jun 2019
BlueKeep warnings having little effect on Windows patching
DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet. Continue Reading
-
Guide
13 Jun 2019
Stay informed about Microsoft security patches in 2019
Administrators can get up-to-date information about Microsoft security updates and expert advice on patch prioritization to ensure a smooth Patch Tuesday process all year long in this guide. Continue Reading
-
News
12 Jun 2019
Microsoft plugs 4 zero-day exploits for June Patch Tuesday
Despite multiple warnings from Microsoft, the threat of the BlueKeep RDP vulnerability to unpatched Windows systems continues to loom following its May Patch Tuesday disclosure. Continue Reading
-
News
06 Jun 2019
NSA issues BlueKeep warning as new PoC exploit demos
The NSA issued a rare warning for users to patch against the BlueKeep vulnerability on the same day a security researcher demoed an exploit leading to a full system takeover. Continue Reading
-
News
04 Jun 2019
Microsoft issues second BlueKeep warning urging users to patch
Microsoft again urged users to patch against the BlueKeep vulnerability as more potential exploits surface and one researcher discovered almost 1 million vulnerable systems. Continue Reading
-
News
15 May 2019
WannaCry infections continue to spread 2 years later
Two years after the initial wave of WannaCry attacks, security researchers said the ransomware continues to spread to vulnerable devices even though it's not encrypting data. Continue Reading
-
News
14 May 2019
May Patch Tuesday fixes zero-day, new Intel CPU bugs
Microsoft fixed 23 critical vulnerabilities in its latest monthly security updates, as well as patches for supported and unsupported Windows systems to ward off a worm that has the potential to be the next WannaCry. Continue Reading
-
Answer
02 May 2019
Why should I use Exchange Server maintenance mode?
When applying security updates or cumulative updates to Exchange Server, it's important to take your time and use maintenance mode to avoid disruption and data corruption. Continue Reading
-
News
01 May 2019
DHS patching directive brings shorter deadlines
A new DHS directive placed new deadlines on patching critical vulnerabilities for federal agencies and experts are divided on whether the timelines are reasonable and realistic. Continue Reading
-
News
09 Apr 2019
April Patch Tuesday closes 2 zero-day exploits
In addition to Microsoft's fixes, administrators should patch holes in several Adobe products to keep attackers from creating havoc in their systems. Continue Reading
-
Feature
26 Mar 2019
Understand Azure Update Management basics
Microsoft provides a variety of tools that IT administrators can use to simplify update deployment, including Azure Update Management. Find out if the service will work with your systems. Continue Reading
-
News
12 Mar 2019
March Patch Tuesday shuts down two zero-day exploits
In addition to the March Patch Tuesday updates, Microsoft's attempts at improving performance following Spectre variant 2 patches backfire for some users on Windows 10. Continue Reading
-
Tip
21 Feb 2019
Weighing the cost of mitigating Spectre variant 2
Fixes for the Spectre variant 2 vulnerability affect system performance, so some in the tech sector wonder whether they're worth it. Expert Michael Cobb examines that question. Continue Reading
-
News
15 Feb 2019
Google Play security improved by targeting repeat offenders
Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published. Continue Reading
-
News
12 Feb 2019
Microsoft zero-day vulnerability closed on Patch Tuesday
Administrators should prioritize patching systems affected by a zero-day vulnerability resolved by the February Patch Tuesday updates. Continue Reading
-
News
08 Feb 2019
Apple releases FaceTime patch and iOS zero-day fixes
New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days. Continue Reading
-
Answer
05 Feb 2019
How much does Azure Update Management cost?
The Azure Update Management cost is free, but organizations that require the tool's advanced features might have to contend with additional fees. Continue Reading
-
News
08 Jan 2019
Light January Patch Tuesday follows IE out-of-band security update
Administrators should prioritize an out-of-band patch that addresses an Internet Explorer zero-day before tackling the 47 vulnerabilities corrected by the January Patch Tuesday fixes. Continue Reading
-
News
21 Dec 2018
Microsoft patches Internet Explorer zero-day bug under attack
News roundup: Microsoft issues an emergency patch for an Internet Explorer bug exploited in the wild. Plus, authorities indict three individuals for 'stresser' services, and more. Continue Reading
-
Answer
18 Dec 2018
How does Azure Update Management handle patching?
Microsoft built Azure Update Management for administrators who require a centralized tool to automate patches for systems both on premises and in the cloud. Continue Reading
-
News
11 Dec 2018
December Microsoft security patches bring a light end to 2018
Microsoft resolved a zero-day and a public disclosure this December patch Tuesday, while experts revisit 2018 in patching and what needs improvement. Continue Reading
-
Answer
04 Dec 2018
How do L1TF vulnerabilities compare to Spectre?
Foreshadow, a set of newly discovered L1TF vulnerabilities, exploits Intel processors via side-channel attacks. Learn about L1TF and its variations from expert Michael Cobb. Continue Reading
-
News
13 Nov 2018
Windows zero-day fix highlights November Patch Tuesday
In addition to the November Patch Tuesday updates, Microsoft offered assistance to combat a new side-channel attack and rereleased a Windows 10 update and Windows Server 2019. Continue Reading
-
News
09 Oct 2018
October Patch Tuesday grounds JET Database Engine flaw
Administrators have a relatively light workload for October Patch Tuesday, but IT workers should pay attention to multiple workstation fixes and issues with older patches. Continue Reading
-
Answer
08 Oct 2018
How does TLBleed abuse the Hyper-Threading feature in Intel chips?
TLBleed exploits Intel's HTT feature to leak data via side-channel attacks. Learn about how TLBleed obtains sensitive memory information from expert Michael Cobb. Continue Reading
-
News
18 Sep 2018
WannaMine cryptojacker targets unpatched EternalBlue flaw
Unpatched systems are still being targeted by the WannaMine cryptojacker, despite warnings and global cyberattacks using the EternalBlue exploit leaked from the NSA. Continue Reading
-
News
12 Sep 2018
Microsoft patches Windows ALPC flaw exploited in the wild
Microsoft's September 2018 Patch Tuesday release included a fix for the Windows ALPC vulnerability that was exploited in the wild for about two weeks before being patched. Continue Reading
-
News
11 Sep 2018
Microsoft shuts down zero-day exploit on September Patch Tuesday
Administrators should prioritize patching systems affected by four public disclosures resolved by the Patch Tuesday updates. Continue Reading
-
News
14 Aug 2018
August Patch Tuesday closes CPU bug, two zero-day exploits
Administrators have their work cut out for them, with more than 60 vulnerabilities to handle for August Patch Tuesday, after reeling from the effects of a bad batch of July updates. Continue Reading
-
News
20 Jul 2018
Critical Cisco vulnerabilities patched in Policy Suite
News roundup: Critical Cisco vulnerabilities in Policy Suite products were patched this week. Plus, Venmo's API is set to public, exposing a trove of customer data, and more. Continue Reading
-
News
10 Jul 2018
July Patch Tuesday brings three public disclosures
Microsoft resolved three public disclosures and updated its Spectre and Meltdown advisory this July Patch Tuesday. In total, Microsoft addressed about 54 vulnerabilities. Continue Reading
-
News
14 Jun 2018
Security Servicing Commitment clarifies Microsoft patch policy
Microsoft's unspoken patch management policy has been codified in the new Security Servicing Commitment, which outlines what flaws will be patched monthly and which will be in Windows updates. Continue Reading
-
News
13 Jun 2018
Spectre v4 fix and Windows DNS patch in June Patch Tuesday
A Windows DNS patch for both desktops and servers headlines Microsoft's June 2018 Patch Tuesday, but the release also includes mitigations for Spectre v4 and more. Continue Reading
-
News
12 Jun 2018
Adobe zero-day fix precedes June Patch Tuesday
Adobe closed a zero-day vulnerability last week, which Microsoft added to its June Patch Tuesday updates. Administrators have a lighter workload, with about 50 exploits to address. Continue Reading
-
News
01 Jun 2018
Yokogawa Stardom vulnerability leaves hardcoded creds in ICS controllers
A Yokogawa Stardom vulnerability leaves industrial control systems in critical infrastructure around the world at risk because of hardcoded credentials in the software. Continue Reading
-
News
09 May 2018
Microsoft patches Internet Explorer zero-day 'Double Kill'
Microsoft's Patch Tuesday for May includes fixes for two zero-day vulnerabilities under attack, including an Internet Explorer exploit known as Double Kill. Continue Reading
-
News
08 May 2018
Zero-day exploits resolved by Microsoft on May Patch Tuesday
Microsoft resolved two zero-day exploits and two public disclosures, amid more than 65 exploits affecting operating systems, browsers and Microsoft Office this May Patch Tuesday. Continue Reading
-
News
04 May 2018
AMD patches in testing with ecosystem partners
The timeline for the AMD patches promised to fix chipset flaws disclosed in March is being criticized, but AMD said the patches are being tested by partners and are still on track. Continue Reading
-
News
30 Apr 2018
Attackers seek Oracle WebLogic vulnerability after faulty patch
The combination of a broken Oracle WebLogic vulnerability and available proof-of-concept exploit code has led threat actors to search for any servers that are at risk. Continue Reading
-
News
18 Apr 2018
Paul Kocher weighs in on Spectre flaws, vulnerability disclosure
At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why disclosure and mitigation efforts were so troubled. Continue Reading
-
News
10 Apr 2018
Windows out-of-band patches overshadow April Patch Tuesday
Microsoft delivered out-of-band security patches to address the Total Meltdown and malware engine exploits as a precursor to its regularly scheduled April Patch Tuesday fixes. Continue Reading
-
News
06 Apr 2018
Microsoft created Windows Defender flaw by breaking UnRAR code
Microsoft's poor coding when forking and modifying open source UnRAR code introduced a critical Windows Defender flaw that could allow an attacker full system rights. Continue Reading
-
News
05 Apr 2018
Intel's Spectre microcode patch not coming for older chips
No Spectre microcode patches will be coming for older Intel processors, but the newest generation of Intel CPUs will have mitigations built in when they ship later this year. Continue Reading
-
News
13 Mar 2018
Intel microcode updates complicate admin patching duties
March Patch Tuesday adds several more mitigations for the Spectre and Meltdown exploits, this time for 32-bit server and client operating systems. Continue Reading
-
Tip
05 Mar 2018
Automated patch management and the challenges from IoT
From creating an inventory to scanning for IoT vulnerabilities, learn the key steps to take when it comes to automating patch management in your company. Continue Reading
-
Podcast
21 Feb 2018
Risk & Repeat: Intel bug bounty tackles side channel attacks
In this week's Risk & Repeat podcast, SearchSecurity editors examine Intel's new bug bounty for side channel attacks and what it says about Meltdown and Spectre. Continue Reading
-
News
13 Feb 2018
CPU bugs add to IT stress as February Patch Tuesday drops
Administrators who rushed out fixes in January for the Meltdown and Spectre flaws then had to unwind some of those corrections after additional problems occurred. Continue Reading
-
News
13 Feb 2018
Critical Broadcom flaws discovered in Lenovo ThinkPads
Two critical flaws in Broadcom Wi-Fi chips disclosed last year were thought to affect only Apple and Android devices, but Lenovo now says ThinkPad models are vulnerable, too. Continue Reading
-
News
05 Feb 2018
Cryptojacking malware using EternalBlue to build botnets
Proofpoint researchers discovered a large Monero mining botnet that uses EternalBlue to spread, and it isn't the first time the Windows flaw has been used for cryptojacking. Continue Reading
-
News
30 Jan 2018
Microsoft rushes Spectre patch to disable Intel's broken update
Microsoft was forced to release an out-of-band Spectre patch designed not to mitigate the vulnerability but to protect users from Intel's broken fix. Continue Reading
-
News
26 Jan 2018
Intel Spectre vulnerability memo raises questions of OEM disclosures
Intel first learned of the Spectre vulnerabilities on June 1, but a confidential document shows the chipmaker didn't inform OEM partners until almost six months later. Continue Reading
-
News
25 Jan 2018
Meltdown and Spectre patches hit XenApp performance especially hard
Organizations with VDI and RDSH will likely take a performance hit after patching Meltdown and Spectre, according to test results from Lakeside Software. Continue Reading
-
News
23 Jan 2018
Intel Meltdown patches pulled with little explanation
Intel claims it has determined why the Spectre and Meltdown patches caused issues on some chips. The vendor is working on a fix and suggests users don't patch for now. Continue Reading
-
Tip
22 Jan 2018
Curb stress from Exchange Server updates with these pointers
Some administrators let the memories of a bad patch linger and put off Exchange updates. Here are some tips to make this necessary chore less of a traumatic experience. Continue Reading
-
News
12 Jan 2018
Intel Meltdown patch causes issues with Broadwell and Haswell
Customers reported the firmware Intel Meltdown patch caused reboot issues on Broadwell and Haswell chipsets, leading to a patch review by Intel. Continue Reading
-
News
12 Jan 2018
AMD backtracks on Spectre vulnerabilities, plans microcode updates
AMD initially believed the Spectre vulnerabilities posed "near zero risk" to its chip, but the company this week reversed course and is planning microcode updates for its products. Continue Reading
-
News
10 Jan 2018
Spectre patches highlight January 2018 Patch Tuesday
Microsoft's January 2018 Patch Tuesday brings Meltdown and Spectre patches to users, except those on AMD chipsets or those with incompatible antivirus. Continue Reading
-
News
09 Jan 2018
Meltdown and Spectre vulnerabilities dominate January Patch Tuesday
Complications surrounding the fix for the Meltdown and Spectre microprocessor architecture flaws will make the patching process more difficult for administrators. Continue Reading
-
News
04 Jan 2018
Meltdown and Spectre patches and mitigations released
Vendors released the vulnerability disclosures and patches for the new Meltdown and Spectre CPU attacks as the infosec industry begins mitigating risks. Continue Reading
-
Tip
27 Nov 2017
Get serious about patch validation and deployment -- fast
Zero-day exploits are more dangerous than ever, but so is applying an untested patch to live systems. Without a strategy to quickly validate patches -- outside of production -- you're playing with fire. Continue Reading
-
Tip
26 Oct 2017
Windows XP patches: Did Microsoft make the right decision?
Microsoft had to make several tradeoffs when developing patches for Windows XP. Expert Nick Lewis explains what these tradeoffs were and how enterprises should respond. Continue Reading
-
News
11 Oct 2017
October 2017 Patch Tuesday includes Windows zero-day fix
The top priority for Microsoft's October 2017 Patch Tuesday goes to a Windows zero-day vulnerability, but IT should also beware of two publicly disclosed flaws. Continue Reading
-
News
11 Oct 2017
Windows 10 patching could make older systems vulnerable
Microsoft's practice of automatic Windows 10 patching could be uncovering vulnerabilities in older systems that can be exploited by attackers, Google researchers said. Continue Reading
-
Tip
11 Sep 2017
After Stuxnet: Windows Shell flaw still most abused years later
A Windows Shell flaw used by the Stuxnet worm continues to pose problems years after it was patched. Nick Lewis explains how the flaw exposes enterprise security shortcomings. Continue Reading
-
News
09 Aug 2017
Windows 10 Linux subsystem gets first patches
Microsoft's August 2017 Patch Tuesday brought the first Windows 10 Linux subsystem patches, just as a new version of the Linux subsystem is released for Windows Server. Continue Reading
-
Answer
03 Aug 2017
How is the Samba vulnerability different from EternalBlue?
A recently discovered Samba vulnerability bears a striking resemblance to the notorious Windows exploit EternalBlue. Expert Matthew Pascucci compares the two vulnerabilities. Continue Reading
-
News
12 Jul 2017
Windows NTLM vulnerabilties addressed in July 2017 Patch Tuesday
Client-side security takes the forefront in Microsoft's July 2017 Patch Tuesday, which includes a fix for legacy Windows NTLM authentication processes. Continue Reading
-
Buyer's Guide
28 Jun 2017
Select the best patch management software for your company
Patch management software enables businesses to prioritize and automatically update systems so that their assets remain secure. See which best fits your infosec strategy. Continue Reading
-
Feature
27 Jun 2017
Patch management tool comparison: What are the best products?
With so many different vendors in the market, it isn't easy to pick the right patch management tool. Read this product comparison to see which is best for your company. Continue Reading
-
Answer
20 Jun 2017
Heartbleed vulnerability: Why does it persist on so many services?
The Heartbleed flaw still impacts almost 200,000 services connected to the internet. Expert Nick Lewis explains why these services remain unpatched and vulnerable. Continue Reading
-
News
14 Jun 2017
More Windows XP fixes in June Patch Tuesday release
Microsoft's June 2017 Patch Tuesday saw another set of Windows XP fixes released in order to secure systems against leaked NSA cyberweapons. Continue Reading
-
Feature
12 Jun 2017
Know why patch management tools are required in the IT infrastructure
Regulations, efficiency and protection are the main drivers for purchasing patch management tools. See why automated patch management is a requirement for most businesses. Continue Reading
-
Podcast
08 Jun 2017
Risk & Repeat: Shadow Brokers launch zero-day exploit service
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Shadow Brokers' monthly service for zero-day exploits and how it may affect enterprise security efforts. Continue Reading
-
News
08 Jun 2017
Researchers port EternalBlue exploit to Windows 10
The EternalBlue exploit behind the WannaCry ransomware attacks has been successfully ported to an older version of Windows 10, but newer versions of the OS are protected. Continue Reading
-
Answer
31 May 2017
Why is patching telecom infrastructures such a challenge?
Patching telecom infrastructures presents many challenges. Expert Matthew Pascucci explains those challenges and what can be done to make sure the systems get patched anyway. Continue Reading
-
News
26 May 2017
Samba vulnerability brings WannaCry fears to Linux/Unix
A widespread Samba vulnerability has raised the possibility of attacks similar to WannaCry hitting Linux and Unix systems, but mitigation options are available. Continue Reading
-
Podcast
25 May 2017
Risk & Repeat: Microsoft slams NSA over EternalBlue
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware. Continue Reading
-
Podcast
23 May 2017
Risk & Repeat: WannaCry ransomware worm shakes tech industry
In this week's Risk & Repeat podcast, SearchSecurity editors look at the devastation caused by the WannaCry ransomware worm and discuss how it could have been prevented. Continue Reading
-
News
15 May 2017
WannaCry ransomware prompts legacy MS17-010 patch
Microsoft responds to WannaCry ransomware with an MS17-010 patch for legacy systems as new ransomware variants spread to more countries around the globe. Continue Reading
-
News
12 May 2017
Cisco vulnerability from WikiLeaks' Vault 7 dump finally patched
News roundup: A Cisco vulnerability disclosed in the Vault 7 dump finally has a patch. Plus, Google's fuzzing bot finds over 1,000 bugs in five months, Comey dismissed and more. Continue Reading
-
Podcast
11 May 2017
Risk & Repeat: Critical Windows bug triggers disclosure debate
This week's Risk & Repeat podcast looks at how a simple tweet about a Windows bug from Project Zero researcher Tavis Ormandy sparked a debate about vulnerability disclosure. Continue Reading
-
News
10 May 2017
Windows zero days squashed in May 2017 Patch Tuesday
Microsoft's May 2017 Patch Tuesday fixed multiple Windows zero-day vulnerabilities, two of which have reportedly been exploited by groups linked to Russia. Continue Reading
-
News
09 May 2017
Microsoft out-of-band patch hits the day before Patch Tuesday
The evening before Patch Tuesday, Microsoft released an emergency out-of-band patch for a dangerous Windows flaw teased by the Google Project Zero team just days earlier. Continue Reading
-
News
28 Apr 2017
Verizon DBIR 2017: Basic cybersecurity focus misplaced
Basic cybersecurity measures like limiting password reuse and implementing multifactor authentication could be big benefits, according to the Verizon DBIR 2017. Continue Reading
-
Podcast
28 Apr 2017
Risk & Repeat: More Equation Group cyberweapons leaked
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the latest round of Equation Group cyberweapons and how Microsoft patched them. Continue Reading
-
News
21 Apr 2017
Stuxnet worm flaw still the most exploited after seven years
Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched. Continue Reading
-
News
20 Apr 2017
Oracle patches Apache Struts exploits, Equation Group vulnerability
There were 299 Oracle patches in the April Critical Patch Update, including a fix for the Apache Struts exploits found in the wild and a vulnerability from the Equation Group dump. Continue Reading
-
News
07 Apr 2017
State Department hack and APT29 prove attacker resilience
News Roundup: 'Hand-to-hand' combat in State Department hack, APT29 has a stealth backdoor, the creator of the internet backs strong encryption, and more. Continue Reading
-
News
21 Mar 2017
WikiLeaks' disclosure of CIA hacks comes with requirements
WikiLeaks reportedly made demands of vendors at risk from the Vault 7 CIA hacks, but without knowing what the requirements are, experts are unsure how to react. Continue Reading
-
News
14 Mar 2017
Nine critical Windows security bulletins in Patch Tuesday
After its cancelled February Patch Tuesday, Microsoft's March 2017 Patch Tuesday includes nine critical Windows security bulletins targeting remote code execution flaws. Continue Reading
-
News
10 Mar 2017
WikiLeaks vows to disclose CIA hacking tools; CIA to investigate
WikiLeaks founder Julian Assange promised to work with vendors to help patch products vulnerable to CIA hacking tools, while the FBI and CIA will investigate the leak. Continue Reading
-
Answer
10 Mar 2017
Attack by TIFF images: What are the vulnerabilities in LibTIFF?
Attackers using crafted TIFF images can exploit flaws in the LibTIFF library to carry out remote code execution. Expert Michael Cobb explains how these vulnerabilities work. Continue Reading
-
News
09 Mar 2017
Operation Rosehub patches Java vulnerabilities in open source projects
Google employees recently completed Operation Rosehub, a grass roots effort that patches a set of serious Java vulnerabilities in thousands of open source projects. Continue Reading
-
Answer
07 Mar 2017
How can the Dirty COW vulnerability be used to attack Android devices?
A copy-on-write vulnerability known as 'Dirty COW' was found in the Linux kernel of Android devices. Expert Michael Cobb explains the risks of this attack. Continue Reading
-
News
28 Feb 2017
Edge and IE vulnerability disclosed by Project Zero
Google Project Zero's 90-day disclosure policy bites Microsoft again, as a zero-day Edge and IE vulnerability is made public before a patch is available. Continue Reading
-
News
21 Feb 2017
Google discloses Windows vulnerability after canceled Patch Tuesday
Google Project Zero discloses a Windows vulnerability that passed the 90-day deadline. And it comes soon after Microsoft canceled its Patch Tuesday release. Continue Reading
-
News
17 Feb 2017
Microsoft Patch Tuesday February release delayed by a month
News roundup: Microsoft Patch Tuesday was canceled in February without a clear reason. Plus, APT28 is linked to new Mac malware; Lazarus targets more banks and more. Continue Reading
-
Podcast
08 Feb 2017
Risk & Repeat: Pentagon cybersecurity under fire
In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss Pentagon cybersecurity amid reports of misconfigured servers at the U.S. Department of Defense. Continue Reading
-
News
07 Feb 2017
SQL Slammer worm makes a comeback 14 years later
The SQL Slammer worm returned to take down systems that have been left unpatched for the past 14 years, but experts are unsure if the attacks will continue. Continue Reading
-
News
03 Feb 2017
Microsoft delays Windows zero-day patch; researcher drops exploit code
Microsoft decided to delay a Windows zero-day patch by two months, prompting the researcher who found it to post the proof-of-concept exploit code. Continue Reading