There were almost no patches from Microsoft in February, and the ones that were released haven’t caused any problems. It makes a lot of sense to apply those few patches now, since … who knows what could happen next.
A tiny Windows 7 security patch was released in January, and there were no Windows 7 patches at all in February. Meanwhile, the list of problems is growing; two zero-day exploits in IE and Edge were confirmed in February—the gdi32.dll heap boundary error and the CSS token sequence/JavaScript table header bug. The vulnerability that caused SMBv3 protocol crashes hasn’t been fixed, either. A lot of stuff is likely ready to hit the fan.
