Microsoft announced last week that it would not release security updates in February. In fact, the company completely canceled the February updates for the first time in the story of Patch Tuesday.
Microsoft said it would release the updates in March, which means that well-known security issues will remain unpatched. The first is a Windows security gap that was discovered in 3 February and concerns the SMB. The blank affects the Windows 8, Windows 10, and Windows Server operating systems.
Google after a few days posted a security flaw, affecting Windows, saying Micrsoft had been alerted to the vulnerability 90 days earlier, but did nothing.
So for now we've mentioned two unpatched issues that attackers could exploit, but there's also the Flash Player. Adobe released a new version of Flash Player (24.0.0.221) and while Google made available immediately after the update version of Flash Player in Chrome, Microsoft Edge was not updated.
This means that the Flash version of Edge is currently vulnerable to attacks targeting Adobe vulnerabilities.
The big problem is that users and administrators can not upgrade Adobe Flash Player on their own if Microsop does not release a patch for Flash.
However, Microsoft seems to have exceeded it today. The company has surpassed itself and released the Flash Player update for all systems that have built-in Flash Player.
As for the other security updates, the next scheduled monthly update on 14 March of 2017 is announced.
Microsoft released security bulletin MS17-005 just recently.
The MS17-005: It's a security update for Adobe Flash Player:
The company says:
February 21, 2017 — This security update resolves vulnerabilities in Adobe Flash Player if Flash Player is installed on any supported edition of Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10, Windows 10 Version 1511, Windows 10 Version 1607, Windows 8.1, or Windows RT 8.1.
The KB4010250 update is available through both Windows Update and Windows Update Microsoft Update Catalog.
