Security News > 2023 > October > From chaos to cadence: Celebrating two decades of Microsoft's Patch Tuesday

Childs described the early years of Patch Tuesday at Microsoft being kind of a party, complete with catered breakfast and music.

"Certainly a lot of large financial institutions and I imagine a lot of other organizations were part of really bringing pressure to bear to Microsoft to release it as an instance, a single time so we can plan for it, take a more measured approach and reduce a lot of the chaos that was prior to Patch Tuesday being a thing," he tells The Register.

Plus, in the early days of Patch Tuesday Microsoft provided advance notification to customers.

"The number of things that Microsoft is patching - Microsoft is patching stuff in Linux now, which was completely unheard of in 2008," Childs says.

"The downside of the Patch Tuesday approach is that the threat actors are aware of the patch. We're in a race condition between the patch being deployed to protect our organizations and the attackers exploiting them."

Childs has worked every Patch Tuesday since 2008, both on the Microsoft side and as a researcher.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/10/11/microsoft_patch_tuesday_turns_20/