Patch Monday: A way to avoid more Microsoft Automatic Update fiascos
This month's Black Tuesday — Sept. 10, 2013 — enters the record books as Microsoft's most patch-botching month in history. That's quite an accomplishment, frankly. Having followed Microsoft's bungled patch efforts since long before the ascendancy of Patch Tuesday, I think there's a better — if rather unorthodox — way to manage patching.
The release dilemma is quite straightforward: Microsoft has to test the patches without letting them leak to the bad guys. Conventional wisdom dictates that if the bad guys can reverse engineer the patches before they roll down the Automatic Update chute, Windows as we know it will cease to exist. However, given the recent revelations of governmental stockpiling of zero-days, the ascendancy of companies that specialize in selling such zero-days to governments and corporate spies alike, and the fascinating proposal that the U.S. government share its zero-day trove with private companies (for a fee, of course), I think the day-and-date exposure threat is way overblown.
Here's my proposal: Instead of rolling all the patches out via Automatic Update on Black Tuesday, engulfing an unsuspecting public and creating all sorts of buggy havoc, I think Microsoft should let volunteers test the patches one day earlier. Call it Patch Monday. That would give software manufacturers, corporate customers with patch testing capabilities, enthusiasts and, yes, hackers, a one-day head start on the pandemonium that invariably ensues upon unleashing Automatic Updates.
Microsoft would put together all of the patches as it now does for Black Tuesday. But instead of keeping the security patches under wraps until the fateful moment on Tuesday when millions and millions of machines get hit almost simultaneously, it should let volunteers take a swing at them 24 hours earlier.