14 DAY TRIAL // Microsoft has already announced that it plans to fix 33 vulnerabilities on Patch Tuesday, but security company Sophos says the tech giant would most likely delay the release of an IE8 security update.
The eagerly-awaited IE8 patch is supposed to fix a zero-day flaw that’s being used to distribute malware via compromised websites, such as the ones belonging to US Department of Labor.
But even if Patch Tuesday would be the perfect moment to release it, Paul Ducklin of Sophos says that a second batch of updates is very likely to be launched later this month.
“I suggest you assume that Microsoft will miss the Tuesday deadline for the CVE-2013-1347 patch, and will publish it in a so-called out of band, one-off update later in May. In other words, prepare to patch twice in the month. If Microsoft does hit its deadline, treat it as a handy bonus,” Ducklin said.
More information, however, will be provided tomorrow morning when Microsoft officially rolls out this month’s Patch Tuesday updates.