Microsoft released 14 security bulletins for September, seven of which are rated critical due to remote code execution flaws. Microsoft in all its wisdom didn’t regard all RCEs as critical. There’s also an “important rated” patch for a publicly disclosed flaw which Microsoft claims isn’t a zero-day being exploited. But at least a 10-year-old hole is finally being plugged. Next month marks a significant change as Microsoft says it intends roll out ” servicing changes ” which include bundled patches; unless things change, not all Windows users will be able to pick and choose specific security updates starting in October.
You can read the full article here.