This article is more than 1 year old
Roses are red, bugs make you blue, Patch Tuesday is late, because Microsoft loves you
Adobe and Nvidia on the other hand...
IT admins hoping to get out of the office early for Valentine's Day have received some potentially welcome or heartbreaking news from Microsoft, depending on how they're set up.
The Windows slinger says it will hold back its usual monthly release of software security patches while it irons out some last-minute problems with February's bundle.
"This month, we discovered a last-minute issue that could impact some customers and was not resolved in time for our planned updates today," Microsoft said. "After considering all options, we made the decision to delay this month's updates."
This is a departure from Microsoft's traditional second-Tuesday-of-the-month schedule for security updates. Microsoft did not say what the exact cause was for the delay – just that today's release isn't happening. That will be rather annoying for people waiting for a fix for the SMB link-of-death bug, we can imagine.
Meanwhile, Adobe – it's always Adobe – says it will push out three updates to address dozens of CVE-listed vulnerabilities in Flash Player, Digital Editions, and Adobe Campaign.
For Flash Player on Windows, Mac, Linux and ChromeOS, the update will address 13 security vulnerabilities, all of which are remote code execution flaws. Users can get the patches by updating Flash Player to version 24.0.0.221. Newer browsers including Chrome and Microsoft Edge will get the updates automatically.
For those using the Adobe Digital Editions e-reader software, Adobe has released updates for nine vulnerabilities, one allowing remote code execution and eight leading to memory leaks.
Also, anyone running Adobe Campaign on Windows and Linux should update the marketing software to version 16.8 (Build 8757 or later) in order to get fixes for two security flaws allowing security feature bypass or cross-site-scripting attacks.
Finally, Nvidia has released patches to fix privilege escalation flaws in its GPU drivers. The bugs are described here and here by the Google Project Zero team. ®