RealTime IT News

Patch Tuesday Surprise; No Security Fixes

It would seem Microsoft has nothing to fix.

Ok, stop laughing. Next Tuesday is the second Tuesday of the month, the traditional patch day for Microsoft, but the company has announced that there will be no new security bulletins released on that day.

There will be an update to the Malicious Software Removal Tool and Microsoft does plan to release two non-security high-priority updates for Windows on Windows Update (WU) and Software Update Services (SUS), and four non-security high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS).

Because there are no new security bulletins, Microsoft will not host a webcast as is tradition on the day after the patches are released.

This does not mean Microsoft is not working on some fixes. The company is still working on them, to avoid the embarrassment of having to issue a patch of a patch, like the Excel fix last January or the botched Internet Explorer fix in August 2006.

"While we can't speculate on next month's bulletins, we can share that Microsoft continues to investigate potential and existing vulnerabilities in an effort to help protect its customers," a Microsoft spokesperson told internetnews.com.

Some of those vulnerabilities require long testing time and simply can't be rushed, the spokesperson added.

There is still one outstanding security bulletin concerning a zero-day remote code execution hole in Microsoft Word. Microsoft has added detection of this virus to its OneCare antivirus software.

This is the first time since September, 2005 that Microsoft has had no fixes to issue for its monthly patch cycle.