Microsoft has patched the zero-day security hole disclosed by Google

Microsoft makes America update again.

Graham Cluley
Graham Cluley
@[email protected]

Microsoft has patched the zero-day security hole disclosed by Google

We’ve just had the second Tuesday of the month, and you know what that means… Patch Tuesday!

Microsoft has issued a bundle of security bulletins, detailing fixes for numerous vulnerabilities, including critical remote code execution flaws in Microsoft Office, Microsoft Edge and various Windows components.

And this Patch Tuesday update includes a fix for the vulnerability that Google engineers controversially chose to make public last week.

Sign up to our free newsletter.
Security news, advice, and tips.

The security hole is said to have been exploited by the Russian-linked Fancy Bear hacking group in targeted attacks, and details were shared by Google only days after it privately told Microsoft about the flaw, and informed Adobe of an associated Flash zero-day bug.

Although Adobe was able to issue a patch promptly, Google didn’t wait for Microsoft to push out a patch for the security vulnerability that was known to be being exploited in targeted attacks.

It was clear at the time that Microsoft was highly unimpressed by Google’s action:

“We believe in coordinated vulnerability disclosure, and today’s disclosure by Google puts customers at potential risk.”

Whether you think Google was wrong or not to do what it did, you’re hopefully pleased to see that Microsoft has kept its promise and now issued a patch – meaning millions of users can benefit from protection.

Although the Microsoft patch for the Google-found flaw is likely to get the majority of the media attention, it’s important to recognise the latest collection of security patches from Microsoft cover a wide range of vulnerabilities.

As always, I strongly recommend that home users and companies update their Windows systems at their earliest convenience.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “Microsoft has patched the zero-day security hole disclosed by Google”

  1. Bob

    All crucial updates for Windows and Microsoft Office (pretty much every business) users. The new delta/cumulative updates that Microsoft provide are far better and more efficient than the old way updates were delivered.

  2. Bob

    Google Chrome has also been updated to version 54.0.2840.99 offering security enhancements.

    Go into the menu (the inverted ellipsis at the top right of your screen), select Settings, then click About and it'll update the browser for you.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.