Managing Microsoft Patches (Patch Tuesday/Update Tuesday)
By Kislay Chandra
Since 2003, it has been Microsoft's tradition to release security updates on patch tuesday. It makes system admins easy to schedule testing and deployment. Let's explore the whys, Hows, pros, cons of Patch Tuesday. We will also learn how InfraGuard can help you take advantage of Patch Tuesday while keeping you safe from Exploit Wednesday.
What Is Microsoft’s Patch Tuesday?
Patch Tuesday is an unofficial term for the day when Microsoft releases update packages for the Windows operating system and other Microsoft software applications. General practice at Microsoft is to gather security vulnerabilities and fixes and release them in bulk on Patch Tuesday. Microsoft used to publish advance notifications of security bulletins but stopped this practice in 2014.
When Is Patch Tuesday?
Patch Tuesday is on the second Tuesday of each month in North America. The updates arrive around 10 a.m. PST. Sometime they may be released later in the day. Also, the fourth Tuesday of each month is reserved for updates that aren't related to security often called "D" updates. At Microsoft Patch Tuesday updates are called “B” updates. Microsoft also issues optional update packages in the third(“C” updates) or fourth("D updates") weeks of the month.
Adoption by other companies:**
SAP advises users to install security updates on "Security Patch Day" which coincide with Patch Tuesdays. Update from Adobe Systems scheduled for Flash Player also coincides with Patch Tuesday since November 2012. These are also done to avoid reverse engineering since these companies create applications which work on Microsoft Windows.
Patch Tuesday was designed to simplify patch management but there are some cons to this approach. The number of patches released on that one day can sometime be overwhelming. If any of them cause system problems it is going to affect all the systems at same time. Also. if a large number of computers that are connected to the Internet all reboot within a certain period of time, this can also strain a network and lead to outages.
On every Patch Tuesday previously undisclosed vulnerabilities are made public which help hackers to exploit those vulnerabilities. Many exploitation events are seen shortly after the release of a patch which coined the term “Exploit Wednesday”.
InfraGuard at rescue:
With InfraGuard you can automate every step of patch management with selective installation on schedule. So, you can solve this problem by simply creating a policy on IG which updates on Tuesday. You get to choose your maintenance windows for the best time to install.
InfraGuard will also generate reports for available patches and send to stakeholders for approval so you stay in control and updated of what is happening in your servers. Simple auditing allow us to display downloadable patch installation history by applying appropriate filters
Conclusively you can automate your patch management as per your company policies while receiving detailed email reports after every scan or install. Filter and selectively install patches and manage Instance images of any cloud provider without leaving InfraGuard.