Following the revelation of vulnerabilities in Windows, Internet Explorer and Edge by Google, and the delaying of the traditional Patch Tuesday, Microsoft security update practices have been in the spotlight. Google's Project Zero has exposed security issues that Microsoft is yet to fix, so a third party has decided to step in to help out. A new project going by the name of 0patch has created a "0patch" for a zero-day, addressing the Windows gdi32.dll memory disclosure (CVE-2017-0038) yet to be fixed by Microsoft. As the issue is unlikely to receive an official patch until at least the middle of…
[Continue Reading]