How Microsoft Patch Tuesday can help your cyber security planning
Thanks to Microsoft and their “Patch Tuesday” which has officially been running since October 2003, the second Tuesday of the month has become a popular day for the whole software industry to issue patches and updates.
This does not mean no patches and updates are issued at other times, as they do not wait when they need to patch critical and zero-day vulnerabilities and flaws in their software. Microsoft refers to these as out-of-band (OOB) updates.
Microsoft’s Patch Tuesday occurs on the second Tuesday of each month at about 10 am Pacific Standard Time and about 5pm our time (UK). Other vendors issue at other times, but quickly everyone can see that in some situations there are bandwidth issues with getting all those updates to the users. When internet bandwidths were lower, the drop in speed was appreciable even at small offices. Microsoft addressed this with Windows PCs on sharing bits of the updates across internal networks to help reduce the load on the external bandwidth but in some cases that simply transferred the issues inside. There is no getting away from it – whilst these updates from many vendors are being downloaded there is an impact on both PC and network resources.
So Microsoft Patch Tuesday is a bad thing?
At this point Mac users whose networks are slowed by Microsoft updates might start complaining, however Apple now releases its updates on Patch Tuesday too.
Patch Tuesday is a good thing.
Our support team regularly hear complaints about the slowing of machines or the need to restart when these updates are coming in (Diana complained to me this week when she had to close down her work and reboot).
Having a large number of updates and patches being issued on or about the same day of each month makes educating your team about the importance of patches and updates when it comes to good cyber security easier, as they can plan their work around it. It also makes it easier for the support staff, as they can put time by to troubleshoot any user issues, manage the updates for critical servers and systems and check the RMM logs to see who has been trying to skip out on the updates.
One Patch Tuesday Tip
At least in the UK the updates start at the end of the working day – so we can just leave the computers on overnight – but obviously logged out.
Next week
Just before Christmas we are going to look at a tip for defending against Business Email Compromise cyber attacks. In the New Year we are going to look at remote monitoring and management (RMM).
Clive Catton MSc (Cyber Security) – by-line and other articles
