Patch Tuesday was initiated in 2003, and for most Windows users, it’s a big deal. Patch Tuesday is the first Tuesday of each month. Releasing the patches monthly has advantages, such as systems administrators knowing a set time at which they must reboot systems, and disadvantages, like waiting for weeks to receive a critical update.
This month, Microsoft announced some important changes to Patch Tuesday, which primarily affect business users. In fact, the larger the organization the more important these changes will be.
Changes to “Patch Tuesday” and How it Affects Business
The new Patch Tuesday is called the Windows Update program, and it combines the old Patch Tuesday releases with a new Windows Update for Business, designed to give systems administrators and IT help desk workers more control and configurability over how and when to schedule updates. It takes into consideration the difficulties in downloading, testing, and installing as many as 50 updates at a time.
The configuration options for Windows Update for Business allow IT to determine if they want all of the updates and security patches immediately or if they prefer to span out the updates and enhancements over a period of time, such as incrementally during the evenings or at a preferable time of the month.
How to Select the Right Patch Management Configuration for Your Infrastructure
Which plan is best for your organization? Well, remote workers generally need updates as quickly as possible, especially the security updates associated with Patch Tuesday. But onsite workers and machines that are critical for operations might be best placed on a distributed schedule.
When large groups of updates are released, it can place strain on the network. If this sounds like your situation, one of the distributed download and installation options might be ideal for you. You can, for instance, schedule patches to only run during the night when nobody is using the systems, or perhaps at a different time of the month when systems aren’t strained with the regular workload, such as month-end closeout.
Why ASAP Patching is Important
While distributing updates and patches over time is appealing for help desk workers struggling to find a reasonable time to reboot systems, there is an important reason not to delay security-related patches. Crackers. Crackers are hackers who get hold of Microsoft’s scheduled security patches early and develop code to undo the fix. If your systems aren’t updated as soon as possible after Microsoft releases those patches, your vital systems are at risk for cracked code, meaning your systems aren’t protected from the latest security vulnerabilities the patches were designed to address.
How to Approach Patch Tuesday in Your Organization
The first step is to empower your help desk software with software asset management tools so that you can keep track of which systems have been updated, schedule the updates for the ideal time, and close vulnerabilities as soon as possible. The next step is to inform users of your schedule so they can work around any downtime or slow network service issues that might come up as a result of downloading, testing, and installing updates and patches.
Finally, make sure remote workers are aware of your update policy and aren’t delaying necessary updates. It’s easy to postpone those updates when you’re on the road trying to get business done or don’t have a great Internet connection speed where you are.
Once patch management policies and procedures are in place, the new face of Patch Tuesday/Windows Update for Business should make it easier to get systems updated on a timely yet convenient schedule.
About Ryan van Biljon
Read more articles by Ryan