Security Terms for 400

Jan 12, 2021

"The day when Microsoft releases updates for their software to improve security."

What is...Patch Tuesday

Correct! 💯


In October 2003, Microsoft began releasing organized security-related updates and fixes for its operating system and other Microsoft software applications. This day became unofficially known as Patch Tuesday.

As Microsoft finds and fixes vulnerabilities in their software, they usually don’t release each patch as it is made. Instead, the patches are collected together into one update and released all together on Patch Tuesday.

Releasing all of the patches on a single day within a single update enables IT professionals to anticipate and plan for each Patch Tuesday. Many other software companies like Oracle and Adobe also release their security patches on the same day.

When is Patch Tuesday?

Patch Tuesday reoccurs every second Tuesday of each month if one is in North America. There isn’t a guaranteed time of day that these patches are released, but Microsoft tends to make them available by noon Pacific Standard Time, though they could be released earlier or later.

The average Windows PC will update automatically, but IT administrators may choose to test individual patches before they are deployed throughout their organization.

Of course, Patch Tuesday isn’t the only day that updates are made available. Microsoft and other organizations will release patches if the corresponding vulnerability is being actively exploited in the wild. Microsoft also releases non-security related updates during the third and fourth week of each month. Once tested and approved, these updates make it into the following month’s Patch Tuesday update.

Exploit Wednesday

As soon as the updates for Patch Tuesday are released, exploit developers are able to analyze the previously undisclosed vulnerabilities. This has given the following day the name of Exploit Wednesday.

IT professionals know they need to patch the most critical vulnerabilities for their organization once a patch is released. It’s only a matter of time before an unpatched vulnerability is exploited by a malicious actor, but it’s best to ensure that the ones that pose the most risk are patched before non-critical vulnerabilities.

To make sure that the most critical vulnerabilities are patched first, it’s necessary to know which applications are most important to business continuity and how far reaching the consequences of a successful exploit could be. Utilizing a vulnerability management system like TOPIA can prioritize and deploy updates automatically. This cuts out the guesswork so you know that the most critical vulnerabilities are patched first. TOPIA also protects vulnerable applications from exploitation even if a patch is unavailable with its Patchless Protection technology.

Written by

Kent Weigle

Recent Posts

  • 1

    Our Path to Product-Led Growth

    Michael Assraf May 24, 2022
  • 2

    OSINT Basics – What is OSINT and Why Do We Do/Need OSINT?

    Nikola Kundacina May 22, 2022
  • 3

    What is OS Fingerprinting?

    Kent Weigle May 16, 2022
  • 4

    John the Ripper Pt.4

    Nikola Kundacina May 16, 2022
  • 5

    John the Ripper Pt. 3

    Nikola Kundacina May 09, 2022

Start Closing Security Gaps

  • Risk reduction from Day 1
  • Fast set-up and deployment
  • Unified platform
  • Full-featured 30-day trial