To computer system administrators around the world, the second Tuesday of each month has become known as “Patch Tuesday.” That’s because it’s the day that Microsoft releases its latest “patches” for the Windows operating system and other Microsoft products. Simply put, a program “patch” is a bit of computer code designed to repair a flaw in a much larger batch of computer code — that larger batch of code being known as a “program.” As researchers probe and test computer operating systems and programs, operational and security flaws are often revealed, forcing software companies to issue patches to repair their products before systems begin to crash or security holes are exploited by the bad guys.
Although it’s not much of a big deal for the typical home or small business owner to update their systems, Patch Tuesday has also come to be called “Black Tuesday” by many companies, as they begin the tedious chore of updating and patching hundreds, if not thousands, of computers. Compounding the work is the fact that other companies, such as Oracle, Apple, Mozilla, Sun and Cisco have also strangely chosen the same day to issue patches for their products.
Not only do patches have to be distributed to and installed on millions of computers around the world, but many companies also insist on testing patches for suitability before installing them on their systems. This testing process is usually considered necessary by companies using large computer networks in “mission-critical” environments, as many patches, particularly those from Microsoft, have a notorious record for causing conflicts with existing hardware and software configurations.
Over the years, system administrators have gotten used to there being a comfortable patch “window,” in which there would be sufficient time for patch testing and deployment before the worst could happen. However, as more software flaws are revealed, and computer bad guys become more resourceful, that window has become smaller and smaller, leaving thousands of companies hustling to “beat the virus.” The much-feared “zero-day exploit” is the computer virus or worm that exploits flaws and infects computers before a patch can even be issued, or that comes out on the same day as the patch.
Such was essentially the case with last week’s outbreak of the Zotob worm (who thinks up these names, anyway?), which caused expensive problems for Daimler/Chrysler, CNN, ABC, the New York Times, Disney, Caterpillar, General Electric, General Motors, Kraft Foods, United Parcel Service, and, here in Oklahoma, at our Department of Human Services, and Norman’s York plant. A patch repairing the flaw exploited by Zotob in Microsoft’s Plug and Play feature was released August 9. “Exploit code” started showing up around the Internet on Friday, the 12th. The Zotob worm implementing the exploit code was released by the bad guys into circulation and started infecting computers on Sunday, August 14, and it shut down the York plant on August 16th, a week after Patch Tuesday. OOPS!
The moral of the story? Don’t miss Patch Tuesday!