Microsoft Skips Patch Tuesday
maotx writes "According to their recently released security bulletin, Microsoft will skip this month's Patch Tuesday. Patch Tuesday, also known as Black Tuesday amongst Administrators, is the second Tuesday of every month, in which Microsoft releases a series of patches and critical updates for its various operating systems and applications."
The whole idea of releasing patches only once a month and on a set date is ridiculous.
Vulnerabilities aren't discovered and exploits aren't written to respect the timing of Microsoft in this regard.
What happens if a vulnerability is discovered and an exploit written for it a couple of days after Patch Tuesday? Microsoft's whole bug fixing scheme is then set to only handle it 28 days later.
And we all know what happens in 28 days later.
What happens when a vulnerability is fixed that needs more testing for many people, but also comes attached to vulnerabilities that can be simply exploited? Do we wait for the former before applying the latter, or apply the latter and to hell with the consequences in the former?
I think this is moron thinking. Each patch should be one small patch to fix that vulnerability and only that vulnerability. No other bug fixes with regards to non-security issues, no combining patches, no waiting for days to fix a patch.
Then the monthly updates can be set client side however the client wishes to handle it. Daily or weekly or monthly. Whatever they wish to handle. At the time.
That's complete BS. The average user does give a damn.
/.
The problem is that the average user is scared as hell to update their Windows OS because when they have in the past it broke things and caused all sorts of problems.
There's an old saying: "Once bitten, twice shy".
You do the "right" thing only to get bitten in the ass because of it, you learn quickly not to do that again.
The average user isn't a geek and while so many geeks can't understand this fact and rant how most people are clueless.
This works both ways. How would you like it if every trip to the auto-mechanic you were chided for having certain tires, not using a particular brand/weight of motor oil, not being timely enough in getting a tune up, why didn't you change your own oil, your tire pressure's too low? Or if you went to a lawyer, you were spoken down to and treated like a schmuck because of your ignorance of legalese?
So when these people run Windows auto-update in their attempt to "be good" and then need to call in some geek to fix it, only to get an earful of crap about IE this and Outlook that and VB-de blah de blah, you think they really want to suffer that indignity again?
It's a twofold problem really -- Running MS Auto-update is like playing Russian Roulette and if you lose, you've got to fork over cash for a lecture from some holier-than-thou sociopathic computer geek that's lost all perspective of life outside
So for many, the best option is to ignore the patches to avoid the headaches they've learned by experience to associate with negative experiences.
And it's people like you that help reinforce that associative perception. Good job.