Remember back when Summer and Christmas break was a high time of concern. The kids were out of college and ready to try out their skills. Christmas was worse because so many people were out of the office, no one would notice. Or if they did the response would be limited. Now that’s what we call Tuesday afternoon. Now days, the sysadmins have to deal not just with college code projects, but insider threat, money motivated attackers, and nation states.
This week, Microsoft’s “out-of-band” security update reminded me of the old times. An out-of-band update is simply a unscheduled one. Its released out of the regular schedule because it is currently being exploited. This lends a sense of urgency. Some companies may have already bypassed December updates because of staffing, or scheduling. Anyone in retail certainly has a change freeze in effect. Now on top of that there is a special update for Internet Explorer.
Information about the update for Internet Explorer is available here : https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653