Users should stay away from third-party patches for Windows flaws
Security issues have become mainstream news in the past few years, with many big names falling victim to ongoing cyber attacks. Now more than ever, a fortified defense is important and many software developers are working around the clock to provide potent security updates that will prevent breaches.
Problems persist for Microsoft
The last place people would expect to see a crack in security is Windows, the operating system developed by the tech giant Microsoft. Unfortunately, those cracks are real, and the Project Zero team from Google has put the Windows maker on blast.
The current situation puts Microsoft in a position in which it has to acknowledge serious internal vulnerabilities pertaining to one of its .dll files. Users are upset with the company since canceled February’s Patch Tuesday and promised a more robust patch in March despite the gravity of the problem.
A solution has appeared from an unpredictable source
This led third-party security provider 0patch to deliver a solution that would solve the vulnerability. Many praised the initiative, but it turns out it might not be a good idea to rely on this helping hand as perfect as the timing might be. Security professional Chris Goettl says that there EULA concerns that come into play when security updates are being installed. If something goes wrong, Microsoft won’t take responsibility for another developer’s patch. In his own words:
The problem starts to come in when dealing with software especially where there may be warranties or EULAs involved. If something was to go wrong and the versions of files are unexpected, Microsoft will be resistant to supporting the system until it is reverted back to production files.
“Many 3rd parties consume and modify Microsoft components, but in doing so they assume support for those files. Once Microsoft releases a fix will it install over the top of the changes from 0Patch? If any issues occur it leaves the user\company in a gray area.”
Users are kind of forced to endure this security issue until Microsoft comes out with its own solution. This won’t happen until later on, most likely, and could lead to some exploits being deployed by malicious entities. It remains to be seen how the situation evolves.
RELATED STORIES TO CHECK OUT:
- Google Photos comes to all Windows 10 devices via third-party app
- Third-party alarms won’t get jammed by Windows 10 Quiet Hours anymore
- Microsoft blocks third-party Windows browsers
Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]
The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]