Microsoft delayed its February security update slate to finish patching critical flaws in Windows that a hacker gang tried to sell, several security experts have argued.
“Looks like Microsoft had been informed by ‘someone,’ and purposely delayed [February’s] Patch Tuesday to successfully deliver MS17-010,” tweeted Matt Suiche, founder of Dubai-based security firm Comae Technologies.
MS17-010, one of several security bulletins Microsoft issued in March, was just one of several cited Friday by the Redmond, Wash. developer when it said it had already patched most of the vulnerabilities exploited by just-leaked hacking tools.
Those tools — 12 different Windows exploits — had been included in a large data dump made April 14 by a hacker group dubbed Shadow Brokers, which is believed to have ties to Russia. The exploits, as well as a trove of documents, had been stolen from the National Security Agency (NSA), Shadow Brokers claimed.