Patch Tuesday

The second Tuesday of each month, when Microsoft (and several other vendors) ship their scheduled security updates.

Definition

"Patch Tuesday" is the informal name for the second Tuesday of each month, when Microsoft, Adobe, and SAP release their scheduled monthly security updates. The cadence has been Microsoft's policy since 2003 and provides predictability for enterprise patching programs. Operationally, defenders block out the rest of that week and the following week for testing-and-deploy across their estate.

Other vendors — including Oracle's quarterly Critical Patch Update — follow similar predictable cadences. Out-of-band updates (Microsoft's "OOB") signal something serious enough not to wait for the next scheduled window.

Mitigation

Not applicable.

See also

References