DEV Community

Andrew Tetzeli
Andrew Tetzeli

Posted on

DevOps Fail: "Windows Update Zero-Day Being Exploited to Undo Security Fixes"

In not-good news for DevOps, Microsoft released vulnerable software as part of its Updates subsystem. The flaw allowed the rolling back of patches to -- you guessed it -- other security flaws. Security Week

We're waiting for it to reach the update-to-patch-flawed-update-to-fix-flawed-update-in-the-prior-update stage.

Stay tuned. We'll keep you posted.

From the Microsoft bulletin:

“Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015)."

Image description

Top comments (0)

AWS Security LIVE!

Join us for AWS Security LIVE!

Discover the future of cloud security. Tune in live for trends, tips, and solutions from AWS and AWS Partners.

Learn More

👋 Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Community—every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple “thank you” goes a long way—express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay