Patch Tuesday

Patch Tuesday is usually the second Tuesday of each month, on which Microsoft releases security patches.[1][2][3] Starting with Windows 98, Microsoft included a "Windows Update" system that would check for patches to Windows and its components, which Microsoft would release intermittently. With the release of Microsoft Update, this system also checks for updates to other Microsoft products, such as Office, Visual Studio and SQL Server.

Patch Tuesday begins at 17:00 or 18:00 UTC. Sometimes there is an extraordinary Patch Tuesday, 14 days after the regular Patch Tuesday. There are also updates that are published daily (e.g. definitions for Windows Defender and Microsoft Security Essentials) or irregularly.

Microsoft appears to release a larger number of updates in even-numbered months and fewer in odd-numbered months.[4][5][6]

Patch-deployment costs

Earlier versions of the Windows Update system suffered from two problems. The first was that less-experienced users were often unaware of Windows Update and did not install it; Microsoft's solution was the "Automatic Update," which notified each user that an update was available for their system. The second problem was that customers, such as corporate users, with many copies of Windows not only had to update every Windows deployment in the company but also uninstall patches issued by Microsoft that broke existing functionality.

To reduce the costs of deploying patches, Microsoft introduced "Patch Tuesday" in October 2003.[7] In this system, security patches are accumulated over a period of one month and then dispatched all at once on the second Tuesday of the month, an event for which system administrators may prepare. Some speculate that Tuesday was selected so that post-patch problems could be discovered and resolved before the weekend, although not every patch-induced problem can be resolved in that time. The non-Microsoft terms for the following day are "Exploit Wednesday" and "Day Zero," when attacks may be launched against the newly announced vulnerabilities.

Security implications

The most obvious security implication is that fixes for security problems that already have a solution are withheld from the public for up to a month. This policy is adequate when the vulnerability is not widely known or is extremely obscure, but that is not always the case.

There have been cases where either vulnerability information or actual worms were released to the public a day or two before Patch Tuesday. This did not leave Microsoft enough time to incorporate a fix for those vulnerabilities and thus, theoretically, left a one-month window for attackers to exploit the hole before a patch became available to fix it. Microsoft issues critical patches as they become ready, however, so this is not generally a problem.
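The schedule arithmetic behind that window, as an added Python example that is not part of the original article: it computes the regular release day and how long a flaw known on a given date waits for a regularly scheduled fix. The function names and `lead_days` (the days the vendor needs to get a fix into a release) are hypothetical, and the sample dates are constructed.

```python
from datetime import date, timedelta

TUESDAY = 1  # date.weekday() numbers Monday as 0


def patch_tuesday(year: int, month: int) -> date:
    """Regular release day: the second Tuesday of the month."""
    first = date(year, month, 1)
    to_first_tuesday = (TUESDAY - first.weekday()) % 7  # 0..6 days
    return first + timedelta(days=to_first_tuesday + 7)


def extraordinary_release(year: int, month: int) -> date:
    """Occasional extra release, 14 days after the regular one."""
    return patch_tuesday(year, month) + timedelta(days=14)


def next_release(known_on: date, lead_days: int = 0) -> date:
    """First regular release that can carry a fix for a flaw known on `known_on`.

    lead_days is a hypothetical parameter: the days the vendor needs
    to get a fix into a release.
    """
    earliest = known_on + timedelta(days=lead_days)
    release = patch_tuesday(earliest.year, earliest.month)
    if release < earliest:  # this month's release is too soon: roll over
        following = (earliest.replace(day=1) + timedelta(days=32)).replace(day=1)
        release = patch_tuesday(following.year, following.month)
    return release


def exposure_days(known_on: date, lead_days: int = 0) -> int:
    """Days a publicly known flaw waits for a regularly scheduled fix."""
    return (next_release(known_on, lead_days) - known_on).days


def worst_case(year: int) -> tuple:
    """Earliest date in `year` with the longest wait, and that wait in days."""
    days = (date(year, 1, 1) + timedelta(days=n) for n in range(366))
    worst = max((d for d in days if d.year == year), key=exposure_days)
    return worst, exposure_days(worst)


if __name__ == "__main__":
    # Constructed sample dates around the October 2011 release.
    for known, lead in [(date(2011, 10, 10), 0), (date(2011, 10, 10), 2),
                        (date(2011, 10, 12), 0)]:
        print(known, "lead", lead, "->", next_release(known, lead),
              f"({exposure_days(known, lead)} days)")
    print("worst case 2011:", worst_case(2011))
```

With `lead_days=2`, a flaw that becomes known the day before the 11 October 2011 release waits 29 days instead of 1, which is the late-disclosure case described above.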

Exploit Wednesday

Many exploitation events are seen shortly after the release of a patch. By analyzing the patch, exploit developers can more easily figure out how to exploit the underlying vulnerability,[8] and attack systems that have not been patched. The term "Exploit Wednesday" was coined for this reason.[9]

Also, an attack on an unpatched vulnerability that begins on this day gives malicious code writers the longest period of time before a fix is supplied to users. Malware authors can hold back a new vulnerability until after a given Patch Tuesday, knowing that there will be an entire month before Microsoft releases any patch to fix it.

Bandwidth impact

Microsoft's download servers do not honor the TCP slow-start congestion control strategy.[10] As a result, other uses of the Internet may be significantly slowed by machines actively retrieving updates. This can be particularly noticeable in environments where many machines individually retrieve updates over a shared, bandwidth-constrained link, such as those found in many small to medium-sized businesses. To some extent, the bandwidth demands of patching a group of computers can be alleviated by deploying Windows Server Update Services.

References

  1. ^ Microsoft rarely refers to it as 'Patch Tuesday'; here's one reference. "Patch Tuesday: WM 6.1 SMTP fix released!". Microsoft - Outlook Mobile Team Blog. November 11, 2008. http://blogs.msdn.com/b/outlook_mobile/archive/2008/11/12/wm-6-1-smtp-fix-released.aspx. Retrieved November 9, 2011. 
  2. ^ It is widely referred to this way by the industry. "Microsoft Patch Tuesday to target Windows, IE". CNet. October 10, 2011. http://news.cnet.com/8301-10805_3-20118106-75/microsoft-patch-tuesday-to-target-windows-ie/. Retrieved November 9, 2011. 
  3. ^ Showing Microsoft referring to the 'second Tuesday of every month' ".NET Framework 1.1 Servicing Releases on Windows Update for 64-bit Systems". Microsoft. March 28, 2006. http://blogs.technet.com/b/blairn/archive/2006/03/28/netfx1164annc.aspx. Retrieved November 8, 2011. 
  4. ^ ComputerWorld: Microsoft slates hefty Patch Tuesday, to fix 34 flaws next week
  5. ^ ItProPortal: Microsoft Ready To Patch 34 Security Vulnerabilities
  6. ^ TechWorld: Microsoft to patch critical Windows Server vulnerability
  7. ^ http://news.cnet.com/Microsoft-details-new-security-plan/2100-1002_3-5088846.html
  8. ^ Kurtz, George (2010-01-14). "Operation “Aurora” Hit Google, Others". mcafee.com. http://siblog.mcafee.com/cto/operation-%E2%80%9Caurora%E2%80%9D-hit-google-others/. Retrieved 2010-01-14. 
  9. ^ Leffall, Jabulani (2007-10-12). "Are Patches Leading to Exploits?". The Register. http://redmondmag.com/news/article.asp?editorialsid=9143. Retrieved 2009-02-25. 
  10. ^ Strong, Ben (2010-11-25). "Google and Microsoft Cheat on Slow Start" (blog). benstrong.com. http://blog.benstrong.com/2010/11/google-and-microsoft-cheat-on-slow.html. 


Wikimedia Foundation. 2010.
