Security News > 2023 > October > From chaos to cadence: Celebrating two decades of Microsoft's Patch Tuesday
Childs described the early years of Patch Tuesday at Microsoft being kind of a party, complete with catered breakfast and music.
"Certainly a lot of large financial institutions and I imagine a lot of other organizations were part of really bringing pressure to bear to Microsoft to release it as an instance, a single time so we can plan for it, take a more measured approach and reduce a lot of the chaos that was prior to Patch Tuesday being a thing," he tells The Register.
Plus, in the early days of Patch Tuesday Microsoft provided advance notification to customers.
"The number of things that Microsoft is patching - Microsoft is patching stuff in Linux now, which was completely unheard of in 2008," Childs says.
"The downside of the Patch Tuesday approach is that the threat actors are aware of the patch. We're in a race condition between the patch being deployed to protect our organizations and the attackers exploiting them."
Childs has worked every Patch Tuesday since 2008, both on the Microsoft side and as a researcher.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/10/11/microsoft_patch_tuesday_turns_20/
Related news
- April 2024 Patch Tuesday forecast: New and old from Microsoft (source)
- Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs (source)
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
- Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included (source)
- May 2024 Patch Tuesday forecast: A reminder of recent threats and impact (source)
- Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast (source)