The patches that companies release for their products enhance the security and functionality. However, this does not make them any less of a hassle. At their least harmful, they are annoying. At their most harmful, they take down business’ critical systems. And refusing to install an update is not an option. Without patched software, organizations leave their systems wide open to vulnerabilities. These facts, though, do not take away from the disturbance that patches can cause. It is for this reason that Microsoft embraced the idea of Patch Tuesday, creating regularity with software updates.
What is Patch Tuesday?
In the early 2000s, Microsoft found that randomly releasing patches was costly to businesses. They could not prepare for the updates and automatic installations could interrupt business-as-usual operations. Alternatively, if they delayed installation, they left themselves open to exploits. So in 2003, Microsoft decided to create more orderly and scheduled update releases.
Patch Tuesday happens on the second Tuesday of each month—and sometimes on the fourth Tuesday, too. Tuesday was chosen in order to leave Monday available for final preparation for the update, while leaving the rest of the week open after the update in order to address any issues caused by the patch before the weekend. On this day, Microsoft releases any security patches that it has developed for its various software products. Typically, Microsoft releases the most updates in even-numbered months. However, these are not hard and fast rules. Sometimes updates are just released randomly during the month.
What is Exploit Wednesday?
Exploit Wednesday is the day after the patches are released. It refers to any machines that did not install the newly released patches. Because Microsoft explains the vulnerabilities that the patches fix when they release the updates on Tuesday, on Wednesday many exploits start to appear that take advantage of these previously unknown vulnerabilities in unprotected machines.
One of the most common ways for these vulnerabilities to be exploited is through attacks on discontinued Windows versions. Microsoft will inform users when they are ending support for old Windows versions. However, many patches on newer Windows software will address the same vulnerabilities that were in earlier iterations. Exploitation developers can then attack devices that are still running these unsupported software.
What is Uninstall Thursday?
Uninstall Thursday was designated by the Microsoft users after Patch Tuesday was implemented. Unfortunately, patches can sometimes cause problems. Some work and some don’t. Occasionally, they fix one thing and break another. So the idea behind Uninstall Thursday is that, as it is the Thursday following Patch Tuesday, it is the day that companies figure out that it was the patch that created problems in a mission-critical system—and the only way to get the system working again is to uninstall the patch.
Planning For Patch Tuesday
[caption id=“attachment_161676” align=“aligncenter” width=“600”] System Security Specialist Working at System Control Center. Room is Full of Screens Displaying Various Information.[/caption]
The idea behind Patch Tuesday is solid. It gives businesses a chance to plan and prepare. And while Exploit Wednesday and Uninstall Thursday are an unpleasant part of this process, organizations can develop a strategy to minimize their impact on business processes. The following dives into the best resources to use in order to develop this strategy and be ready for every upcoming patch.
This website is a patch dashboard that keeps track, in real time, of the vulnerabilities that were created with Patch Tuesday. It updates the number of vulnerabilities, any exploitations, the severity and impact of exploits, a list of every vulnerability, and more.
Reddit is a treasure trove of information on Microsoft patches. It offers an entire section dedicated to patch discussion, as well as threads with various resources. This can be a great place to turn to for questions or just to read up on best practices.
This program pays researchers for reporting vulnerabilities. They then inform the affected vendor, give them time to address the vulnerability, and report it to the public. Therefore, if a company does quickly identify a potential vulnerability with a patch, this is the place to report it.
This website is extremely basic. It does offer comprehensive updates and reports on patches and these can be an incredible resource to help businesses quickly become aware of any issues that a new update is causing. There is also a strong search function that can be helpful in narrowing down desired patch information.
This is a program for companies to use. Through it, Microsoft provides a deeper look and comprehensive details in regards to any security updates. The Microsoft Security Response Center oversees the guide, the goal of which is to provide information about the Center’s investigation into all security vulnerability reports and update the public on how to move forward. The Center not only offers this list but also regular blog-like updates. Within these posts, they summarize recent events, changes, and updates in regards to Microsoft patches.
This team is part of the National Cybersecurity and Communications Integration Center. The goal is to secure cyber defense and respond to incidents. The team offers a ‘Current Activity’ page that they update multiple times a day. It provides a summary of incident reports that are both high-impact and frequent.
This is a group of volunteers who first detect vulnerabilities and other problems on software and throughout the internet, then analyze them, and finally share information with the public to assist them in taking technical and procedural steps. They provide updates, information, tools, and a forum to empower companies to protect themselves when installing patches. They also provide a constant threat level analysis from a rotating list of handlers who continuously monitor exploits.
Woody On Windows is a series of blog posts written by Woody Leonhard, a columnist at ComputerWorld. The blog concentrates solely on Windows updates, where Leonhard explores each update to provide insight and advice.
Learn More About Patch Tuesday
Stop wasting time and taking risks with your patches. Agile IT provides full patch management with the expertise and value that only a top rated Microsoft Partner can provide. Schedule a call to find out more.