The second Tuesday of the month, typically Microsoft's scheduled patch release day, will not have any security bulletins. Microsoft will, however, go ahead with a release of its monthly update of Windows Malicious Software Removal Tool along with several non-security updates. Microsoft occasionally has months when it has not released security updates; the last one being in September 2005, according to the software giant. "Microsoft continues to investigate potential and existing vulnerabilities in an effort to help protect our customers. Creating security updates that effectively and comprehensively fix vulnerabilities is an extensive process involving a series of sequential steps," said a company representative.
The patch break could be a welcome respite for IT managers still busy testing the dozen fixes Microsoft released last month and making the switch to daylight saving time, which Congress ordered to happen three weeks earlier this year. Still, the lack of security updates also means that cybercrooks have more time to exploit known security vulnerabilities. There are five known zero-day holes in Microsoft products, according to eEye Digital Security.
News source: News.com