February Patch Tuesday updated

Microsoft released a single update with this February Patch Tuesday, after a week's delay

mit probablistic patches code
MIT News

Microsoft released a single update last week with this February Patch Tuesday, after a week's delay. Or, perhaps MS17-005 is considered an out-of-band update from Microsoft?

I am not sure, as it does not look like we will see the usual accompanying updates to Microsoft, .NET and the Windows (desktop and server) platforms. This sole update to Adobe Flash Player is worth deploying immediately. Evergreen browsers such as Microsoft Edge and Google Chrome will automatically update (using the default settings) and so will patch this serious memory-related vulnerability in Flash Player. 

MS17-005 -- Critical

The sole update released from Microsoft for this February Patch Tuesday is a Windows platform update for Adobe Flash player. This patch addresses 13 vulnerabilities relating to type confusion and a special kind of memory handling error commonly referred to as "use-after-free," where Adobe Flash Player could allow an attacker to execute code in memory areas that should have been "cleaned up" and de-allocated after use. This update is rated critical by Microsoft and by Adobe and should be considered a "Patch Now" update from Microsoft.

Microsoft has recommended a number of mitigations for this type of Adobe Flash Player vulnerability, including whitelisting sites in the Microsoft Compatibility View List and of course disabling ActiveX controls. I recommend disabling and removing Adobe Flash Player at your earliest convenience (again).

Copyright © 2017 IDG Communications, Inc.

Bing’s AI chatbot came to work for me. I had to fire it.
Shop Tech Products at Amazon