IT managers patch up with Microsoft

Despite the demanding workload Australian IT managers have settled into the routine of Microsoft's Patch Tuesday updates.

But some months are tougher than others.

Security provider Patchlink believes the release of 12 patches for the month of June, which were released this week, has left IT managers with a "patch management hangover".

The release occurs monthly on the second Tuesday allowing Microsoft to announce product vulnerabilities and issue patches.

Local Patchlink president Neal Gemassmer said the bottom line is that enterprises still face network vulnerability if IT managers fail to get the update fully tested and deployed across the enterprise in a timely manner.

But IT managers who spoke to Computerworld said the bundled releases are more manageable and allow for planning.

Bank of Queensland IT security manager Grant Slender said Patch Tuesday has been positively accepted in most IT departments.

"Simultaneously releasing patches on 'Patch Tuesday' assists IT managers rather than inhibiting them," Slender said. "IT managers are well aware when the updates will come and can prepare for it. Most large companies have structured change controls in place (that authorize, test, and approve change) to accommodate for the changes."

Slender says bundled updates works in line with schedules, because it avoids continual interruption.

"The alternative to bundled updates is a drip-feed supply which, on top of interfering with other work, would just be annoying," he said.

AM International MIS manager Nick Phipps agrees, saying: "[Patch Tuesday] works well with us. We prepare for the updates in advance using structured change controls and can accommodate them easily. There's no a reason for breaking up [bundled] delivery - it's not logical".

Microsoft spokesperson Jo Balfour said bundling updates makes it easier for IT managers to implement them, while critical updates can be released immediately.

"Consolidating these software updates is easier for systems administrators to deploy," Balfour said. "Critical updates may be released out of cycle where appropriate."

She said threat bulletins detail vulnerabilities and help users make decisions about how and when to deploy the patch.

The June-July period saw Microsoft releasing 19 updates through its Patch Tuesday events, 13 were rated "critical", five "important" and one "less severe".

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about Bank of QLDLogicalMicrosoftPatchlinkPatchlink

Show Comments