Infracore Blog

Microsoft Releases Rare Bug Fix Off of Regular Patch Schedule

Microsoft Releases Rare Bug Fix Off of Regular Patch Schedule

Most of us like to take matters into our own hands, almost to a point where we might refer to ourselves as control freaks. So, when it comes to letting other people or even our own devices update themselves, we tend to click “remind me later” or “don’t ask me again”. Patches however, are a crucial task in the computing era. Keeping everything up-to-date aids your business in staying one step ahead of lurking threats. Recently, Microsoft announced that it had two major security updates which required emergency patches. 

The two vulnerabilities were patched off of Microsoft’s typical “patch Tuesday” due to the urgency. Most Microsoft patches are released on the second Tuesday of the month. The fact that these two were released ahead of time might seem like an insignificant occurrence, but the reality is this event is a major red flag.

Internet Explorer Zero-Day

The most significant patch was for a zero-day vulnerability that was found in Internet Explorer. It may be hard to believe, but people are indeed still using this antique browser to surf the web. The term zero-day suggests that the vulnerability that was discovered, had already been exploited by ill-minded cybercriminals. 

While not much information has been released on the event, Microsoft did call it a remote code execution exploit that, if accessed, could have given a user control of another user’s account. The attack requires phishing someone who is exploring the internet on Internet Explorer, and luring them onto a malicious website. Once there, an attacker would be able to gain access over the victim. 

Internet Explorer is such a forgotten browser that the event did not spark a lot of controversy. This is largely due to the fact that Internet Explorer makes up just two percent of the active market share. However, for the relatively small amount of users that continue to surf, an event like this is still a huge disaster. 

Microsoft Defender DOS Bug

The second patch that Microsoft expedited was a denial of service vulnerability in Microsoft Defender. The antivirus program comes standard in all Windows 10 PCs, and truly is the core of Windows 10’s sterling security record. 

The bug that was discovered wasn’t necessarily obvious, or easily exploitable. In order to do so, the attacker would need the ability to read, understand, and write code. Doing so would allow them to disable Windows Defender components, giving the attacker access. This would give them free rein to do whatever malicious act they chose to deploy. 

Patches aren’t optional. If you are worried about your business’ vulnerability, speak to one of our experts at Infracore LLC. We have the know-how to keep your software up to date. Give us a call at (858) 509-1970 today! 

Like IT or Not, You Need to Keep Up
Cybersecurity: An Origin Story
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, February 17 2020

Captcha Image

Recent Comments

Tim Meyers Motivate Your Employees with More Playful Work Practices
14 February 2020
It is well-known that a dirty environment is an unhealthy one and makes people sick more often than ...
Tim Meyers Tip of the Week: How to Clean Your PC Like an IT Pro
14 February 2020
You should also make sure that the office area is clean to prevent infestations. Get the janitor to ...
jamesblack Tip of the Week: Making Microsoft OneDrive Work for You
12 February 2020
Its a great effort by the author and I would like to congratulate you on this effort sell my house i...
Galvin Petersen How Consolidating Your Technology Vendors Will Save You a Ton of Time
25 January 2020
Technology is growing very fast as there are many things available in the world that can save your t...
Ocean Bridges Tip of the Week: 5 Handy Android Shortcuts
21 January 2020
Android shortcuts are important to notice and every person should be familiar of it. Hence, there is...