0-Day Tuesday

So. While I have been known to exhibit a certain bias in both choice of tools, and services – however – lets talk for a moment about PATCH TUESDAY.

Security is not ‘my bag’ as such – but the people at Microsoft seem to be in a fantastic situation where security issues only arise on Tuesdays. How do they do they seem to manage to get the ‘bad man’ on side?

I mean – surely this implies that Exploit Wednesday follows – and they have free range until the next Tuesday.

This obviously assumes that this is resolved within a week. Is it? I mean – maybe it’s longer?

I have read in the past that after a major release they withheld known issues, and their patches for a month as it would be seen as ‘bad PR’. I, on the contrary would probably consider a sea of p0wn3d boxes very, very bad PR for a new OS release.

So what gives?

Is it the skewed attitude of patching being seen as an issue, an error, weakness?

I fire up a machine, patch it, get on with my day, and it will check during the day. When I see new versions I see faster, leaner, secure, more features… maybe I am alone in this. It is probably time they either shared their secret as to why they only get 0-Day Exploits on a Tuesday – or – they got with the programme.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this:
Skip to toolbar