Patch Tuesday Best Practices

Mar 16, 2021

If you have a Windows PC and you always keep it updated, then you are already familiar with Patch Tuesday. For people who don’t know, Patch Tuesday is normally the second Tuesday of every month when Microsoft releases their latest updates across all their products. This is a period when IT experts are ready to get the latest security patches installed and see the new things that Microsoft introduces. If you want to successfully install Patch Tuesday updates on your PC without any issues, you need to follow these best practices.

How Do I Get Ready for Patch Tuesday?

1. How to Avoid Patch Tuesday Errors and Issues

Research specialized forums concerning what the new updates are supposed to bring and see whether or not they are worth installing.

Also, every security update issued by Microsoft comes with a report that is published by the Microsoft Security Response Center, which is available at the same time the security patches are released to the public.

If you read up and see that future updates may have issues that affect your work, ensure Windows Auto Update blocks automatic updates.

While this is a short-term solution, it may be a good idea to wait until hot-fixes are released. Customers are always advised to follow these security best practices:

  • Run all software with the least privileges needed while still maintaining functionality.
  • Install vendor patches as soon as they are available in your region. Never visit sites of questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is needed.
  • Avoid handling files from unknown sources.
2. How to Quickly Download Patch Tuesday Updates

If you have read the documentation and see that the chance of coming across issues is low, you can enable Windows Auto Update. Doing this will make your PC automatically download the patch and prepare to install it as soon as it’s available in your location.

Just like any other update, if you don’t want to waste time waiting for the update to finish, ensure nothing is taking up your bandwidth.

3. How Does Patch Tuesday Affect Organizations?

When it comes to organizations that have large volumes of computers, applying Patch Tuesday updates may be difficult. This is because implementing a company-wide patch management process involves high-level support.

These steps may differ, but the main point is that the updates must not be installed as they become available in your region.

Consequently, you’ll need to create a core patch management team and have a testing process that also comprises stakeholders in testing, which takes up resources and time.

This normally leads to short downtime in the company, but the IT department should be able to take care of this issue.

Make Sure to Test Patches

The only thing Microsoft’s Patch Tuesday is negatively known for is the effect that some patches may have in your environment if they are not tested before they are downloaded.

Most times, Microsoft always releases a modified version of an update because of the issues that are initially seen with the bulletin being deployed in customer websites. This issue can be avoided if the patches are tested before they are used.

Once a patch has been applied successfully, check where improvements in the whole enterprise patching procedure can be made. Patching procedures and processes should always be evolving so as to achieve greater efficiencies.

The best way to do this is to use automated patching tools. They can automate tedious and repetitive tasks to speed up the time patching takes from release to implementation.

Consider Best Practices in Applying Updates

Microsoft has some official documentation on what they advise as Patch Tuesday best practices. Other vendors may have additional best practices and things that must be put into consideration when deploying those updates. Consider researching this before deploying any updates.

Prioritize Updates to Deploy

Most times, you may be limited by a maintenance window concerning how many updates you’ll have time to deploy. If this occurs, you’ll need to prioritize the updates to deploy.

Firstly, you must consider the updates that are not applied in your location. Which ones are the most important? Both are based on what you and the vendors believe to be essential in your environment.

Are your systems at the latest service pack? Except you have applications running that need an older service pack and won’t work on the latest patch. You should consider it as a priority to get the latest service packs applied, particularly for the operating system.

Are there updates that you know will break something in your region? Or updates you know are not needed in your location? Ensure to exclude those updates.

When will you be able to deploy the non-critical updates? Also, you should schedule when to deploy non-critical updates sometime before the next Patch Tuesday hits. Or else you will start to fall behind on getting all updates applied to your systems.

Conclusion on Patch Tuesday Best Practices

Patch Tuesday is not all that essential for casual users. However, for organizations that need their computers to be in the best condition at all times, it’s one of the most essential times of the month.

While Microsoft has never been successful at delivering problem-free updates, they always come through with hot-fixes immediately. If you value the integrity of your PC, knowing when and how to apply Patch Tuesday updates can be essential in the long run.

Do you want to learn more about Patch Tuesday and help your IT team with the best practices for Patch Tuesday? If yes, Vicarius is your go-to cybersecurity company. Vicarius is a vulnerability management software that targets cybersecurity officers and operators, as well as IT managers and operators from the U.S. market.


Photo by CDC on Unsplash


  • #vicarius_blog


Written by

Kent Weigle

Recent Posts

  • 1

    CISAnalysis - September 30, 2022

    Evan Kling September 30, 2022
  • 2

    Not So Fast: Analyzing the FastCompany Hack

    John Kilhefner September 29, 2022
  • 3

    How to test application with ZAP - Part Two

    Jenny R September 28, 2022
  • 4

    How to test application with ZAP - Part One

    Jenny R September 28, 2022
  • 5

    The World's Worst Hackers Have Flags

    Paul Lighter September 27, 2022

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial