Patch Tuesday

Dennis Faas's picture

Patch Tuesday is the second Tuesday of each month, the day on which Microsoft releases security patches.

Windows Updates

Starting with Windows 98, Microsoft included Windows Update: a system that automatically checks for security patches and fixes for MS Windows, MS Office, and other Microsoft products, and notifies the user of such updates.

Automatic Updates vs Windows Updates

The idea of Windows Update system suffered from two primary issues.

On one hand, less experienced users were not aware of updates, and would not run them -- leaving their system vulnerable to exploits. Microsoft's solution was to introduce the concept of "Automatic Update", which would pro-actively inform the user that an update was available for their system.

Windows Update Deployment Issues

The second problem affected large deployments of Windows, such as can be found at large companies. Such large deployments found it increasingly difficult to make sure all systems across the company were up to date.

Breaks in Functionality

Occasionally (and even today), patches issued by Microsoft break existing functionality, and have to be uninstalled until a workaround is issued at a later date.

The Concept of Patch Tuesday

In order to reduce the costs related to the deployment of patches, Microsoft introduced the concept of Patch Tuesday.

The idea is that security patches are accumulated over a period of one month, and then dispatched all at once on an anticipated date which system administrators can prepare for.

This date was set not too close to the beginning of the week, and yet far enough from the end of the week to allow any problems that may arise to be resolved before the weekend.

System administrators can mark the second Tuesday of the month as the "day in which machines are updated", and plan accordingly. The name "Patch Tuesday" has been in use since the third quarter of 2004.

Exploit Wednesday

The notion of 'Exploit Wednesday' has been introduced as the day after Patch Tuesday, when hackers launch attacks against new announced vulnerabilities yet to be patched by Patch Tuesday fixes.

Windows XP: Updates Cease 2014

Patch Tuesdays will end for Windows XP Home Edition on April 8, 2014, when extended support for this version of the OS expires.

This document is licensed under the GNU Free Documentation License (GFDL), which means that you can copy and modify it as long as the entire work (including additions) remains under this license.

Rate this article: 
No votes yet