Third-party software patches pose a big risk for enterprises, security experts say. Some purported “patches” can contain malware, and even a patch from a trusted third-party could inadvertently crash your system. Microsoft and other vendors typically don’t approve of, or endorse, such patches to their products. Microsoft is due to release its monthly patches next Tuesday, October 10, and a patch for the VML bug is expected to be among the security bulletins. At last count, there were just over 15,000 downloads of the Zert VML patch, says Eset’s Abrams.”]
Source: https://www.darkreading.com/analytics/the-perils-of-third-party-patches