by Playfuls Staff |
9th March 2007
For the first time since September 2005, the Redmond behemoth will not release its usual monthly fixes to its software products, simply because they are not yet ready for prime-time.[more]
Microsoft is currently working on patches for known vulnerabilities in Internet Explorer 7, Office 2007's Publisher 2007 and Windows Vista OS, but they are not ready for release at the moment, said a spokesman from Microsoft's public relations firm Thursday.
The last time Microsoft had no security updates on "Patch Tuesday" was September 2005, he said. Patch Tuesday was inaugurated with the company’s previous operating system Windows 98, and is the name researchers gave to Microsoft’s monthly updates, which come on the second Tuesday of the month.
Also on Tuesday, Microsoft will go ahead with an updated release of its Windows Malicious Software Removal Tool. The program detects and removes common malicious code placed on computers and is also released monthly.
"Microsoft continues to investigate potential and existing vulnerabilities in an effort to help protect our customers," a company representative said on Thursday. "Creating security updates that effectively and comprehensively fix vulnerabilities is an extensive process involving a series of sequential steps."
The break taken by MS is due to unfinished work at the patches, but it could also mean that malicious persons could take advantage in the meantime to perfect their attack methods.
In most months Microsoft sticks to the "one patch set per month" schedule, and patches are only released on Patch Tuesday. However, cases in which out of cycle patches are released are not rare, and happen, on average, several times a year.
Many exploits are seen shortly after the release of a patch. By analyzing the patch, exploit developers can more easily figure out how to exploit the underlying vulnerability. Therefore the term "Exploit Wednesday" was coined.
