In case you have been wondering what is going on with the February 2017 Patch Tuesday that did not happen. Microsoft announced on Tuesday that it would postpone the Patch Day, but did not reveal a date back then.
Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today.
After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change to the existing plan.
Patch Tuesday is a recurring event on the second Tuesday of each month. Microsoft will release security patches for Windows operating system versions and other company products on that day.
An update to the original announcement on February 15, 2017 confirms that the February 2017 Patch Tuesday has been cancelled, and that the next batch of updates will be delivered on the March Patch Tuesday instead.
Microsoft is very vague in the announcement. First, it is not really clear if all updates are postponed, or if only a subset of updates are not delivered. While it seems clear that Windows updates are postponed, it is not really clear if the same is true for Office, Microsoft .NET or other Microsoft product updates.
Second, and this is the major problem for many probably, is that the postponing means that Flash has not been updated yet, and that the SMB Zero-Day vulnerability has not been patched either.
Third, we don't really know anything about the issue that delayed the release of security patches. This opens the door for speculation, and suggestions ranged from "what Microsoft said" to Windows Update servers may have been compromised.
It is unclear whether Microsoft will push out select, critical security patches prior to March's Patch Tuesday, or if all Windows users will have to wait until March 2017 to get the patches for their machines.
Windows users are on their own right now to deal with these issues. It is recommended to block Flash in Microsoft Edge to block any attacks on this front.
You do so in the following way:
- Click on the menu icon (the three dots) and select Settings from the menu.
- Scroll down and select "view advanced settings".
- There you find a toggle for Adobe Flash. Switch "Use Adobe Flash Player" to off, to disable the technology in Edge and protect the browser from Flash-targeting attacks.
Now You: What do you think happened that forced Microsoft to postpone the February 2017 Patch Day?