Microsoft Fixes Critical Bugs on 'Patch Tuesday'

Forum Moderators: open

Message Too Old, No Replies

Microsoft Fixes Critical Bugs on 'Patch Tuesday'

engine

10:46 am on Apr 9, 2008 (gmt 0)

Microsoft issued a critical patch for two vulnerabilities in the core graphics subsystem of Windows, one of eight fixes released Tuesday as part of its monthly security updates.
Microsoft released a total of five critical patches in its April security bulletin. Two of them fix bugs in Windows, two fix bugs in Windows and Internet Explorer (IE), and one fixes a vulnerability in Microsoft Office. The critical rating means an attacker could potentially exploit the flaws to hack into a victim's computer.
The other patches fix vulnerabilities in Windows and Office and were rated "important." Microsoft releases patches on the second Tuesday of every month, which has become known in the industry as "Patch Tuesday."

Microsoft Fixes Critical Bugs on 'Patch Tuesday' [pcworld.com]

swa66

3:43 pm on Apr 11, 2008 (gmt 0)

"Patch Tuesday" isn't the industry term AFAIK (unless with the MSFT fanboys perhaps) , "Black Tuesday" sounds much more familiar.

The best overview of MSFT patches is available every month on the Internet Storm Center (ISC) of SANS.

bill

1:10 am on Apr 12, 2008 (gmt 0)

The term "Patch Tuesday" has become quite common among system administrators and other IT professionals who work with Windows. It simply denotes the day on which MS regularly releases updates/fixes. This is an improvement for many who previously had to deal with these changes on a unpredictable schedule. Your sarcasm is misdirected.

Visit Thailand

2:05 am on Apr 12, 2008 (gmt 0)

Don't you think Mircrosoft should start doing their updates twice a month (at least). Surely that would be a possibility and would not cause too much more work for them.

I still do not know why they can't do updates as they happen just like AV software.

bill

7:26 am on Apr 12, 2008 (gmt 0)

I still do not know why they can't do updates as they happen just like AV software.

They used to do it that way and they still do publish updates outside this schedule if the fix is critical enough. It's mainly done for the convenience of corporate System Administrators.

I hadn't read it before, but there's an entire article about Patch Tuesday on Wikipedia [en.wikipedia.org].

kaled

10:25 am on Apr 12, 2008 (gmt 0)

I still do not know why they can't do updates as they happen just like AV software.

The size and complexity of OS patches is (or can be) far greater than anti-virus software. I've never studied AV software in depth, but I think most updates only affect the virus definition database. Something like that is easy, you don't have to perform compatibility tests, etc. However, when you are updating operating system program code, there is a potential that it will kill systems stone dead if you get it wrong. This being the case, a monthly cycle is reasonable.

Kaled.