Published in News

Microsoft "celebrates" Patch Tuesday

by on20 November 2023

Been with us for 20 years 

Microsoft Security Response Centre has celebrated the 20th anniversary of Patch Tuesday updates.

Well we say celebrate, Patch Tuesday was a sign that Voleware was regularly flawed but at least had the decency to admit there was a problem, unlike the writers of some operating systems.

In a blog post the Centre calls the updates "an initiative that has become a cornerstone of the IT world's approach to cybersecurity."

Originating from the Trustworthy Computing memo by Bill Gates in 2002, Patch Tuesday was supposed to demonstrate Vole's "unwavering commitment to protecting customers."

"Each month, we deliver security updates on the second Tuesday, underscoring our pledge to cyber defense. As we commemorate this milestone, it's worth exploring the inception of Patch Tuesday and its evolution through the years, demonstrating our adaptability to new technology and emerging cyber threats," the blog post says.

Before this unified approach, Microsoft's security updates were sporadic, posing significant challenges for IT professionals and organisations in deploying critical patches in a timely manner, Vole pointed out.

Senior leaders of the Microsoft Security Response Center (MSRC) at the time spearheaded the idea of a predictable schedule for patch releases, shifting from a "ship when ready" model to a regular weekly, and eventually, monthly cadence.

This led to a shift from a "ship when ready" model to a regular weekly, and eventually, monthly release. In addition to consolidating patch releases into a monthly schedule, we also organised the security update release notes into a consolidated location.

Prior to this change, customers had to navigate through various Knowledge Base articles, making it difficult to find the information they needed to secure themselves.

Patch Tuesday has also influenced other vendors in the software and hardware spaces, leading to a broader industry-wide practice of synchronised security updates. This collaborative approach, especially with hardware vendors such as AMD and Intel, aims to provide a united front against vulnerabilities, enhancing the overall security posture of ecosystems.

While the volume and complexity of updates have increased, so has the collaboration with the security community. Patch Tuesday has fostered better relationships with security researchers, leading to more responsible vulnerability disclosures and quicker responses to emerging threats, Microsoft said.


Last modified on 20 November 2023
Rate this item
(0 votes)