DEV Community

Andrew Tetzeli
Andrew Tetzeli

Posted on

DevOps Fail: "Windows Update Zero-Day Being Exploited to Undo Security Fixes"

#cybersecurity #devops #patches #updates

In not-good news for DevOps, Microsoft released vulnerable software as part of its Updates subsystem. The flaw allowed the rolling back of patches to -- you guessed it -- other security flaws. Security Week

We're waiting for it to reach the update-to-patch-flawed-update-to-fix-flawed-update-in-the-prior-update stage.

Stay tuned. We'll keep you posted.

From the Microsoft bulletin:

“Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015)."

Image description

Top comments (0)

profile
Coherence
 Promoted

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

Read next

madza profile image

Introducing StackQL - Manage Your Cloud Services & Interact with APIs using SQL 🧑‍💻🔥

Madza -

franciscojeg78 profile image

Power Up Your AWS Game: Create EC2 Instances, Install Apache, and Connect with PowerShell

Francisco Escobar -

0xw3ston profile image

GitHub Webhook CI/CD: Step-by-step guide

Youssef El Idrissi -

anh_trntun_4732cf3d299 profile image

Understanding and Managing Tablespace in MySQL

Anh Trần Tuấn -