Patch Tuesday - and other days of the week
Industry comment Back in the mists of the past, people gave names to the days of the week. Some of these have survived in the names of our modern weekdays. Monday is Moon Day, Thursday is named after the Norse storm god Thor and the roman god Saturn is remembered every Saturday.
We think this is a great idea and should be revived. People must agree with this as they have already started with the first name: today is Patch Tuesday. Looking through the past year or so we can see that there are some names for the other days of this week almost which are almost choosing themselves.
The day before patch Tuesday when all an administrator has is a worrying snippet of information about the patches that are soon to be released. Will they have to scramble to close a vulnerability in their enterprise? They have to wait and see.
We think enough has been said about this one.
With 24 hours gone since the release of the patches and details of the vulnerabilities being fix out in the open, Malware writers have a field day. New exploits and Trojans pour onto the internet hoping to catch people before they can close any of the holes that weren’t already being used to attack systems.
Now the excitement of Patch Tuesday is past, those niggling little vulnerabilities that researchers have been sitting on can be publicly disclosed, safe in the knowledge that there is a month for any exploitation to do damage before the next round of patches.
The first administrators and users to patch their systems will now be discovering which patch is the dud this month. Maybe it was the patch documentation that wasn’t quite complete or perhaps a bug in the patch itself. Either way, a patch to fix one vulnerability has stopped something unrelated from working, or worse still, it has opened a wholly new vulnerability. ®
Martin Ingram is VP of product management at AppSense.