Patch Primer for Small Business

Patch Primer for Small Business: what devices you need to update to keep your business safe.

Patch Primer for Small Business

What are patches? Usually patches are security updates (or feature updates) released by the manufacturer for your software or operating system.

As soon as security patches are released hackers then reverse engineer the patch to find out how to exploit the vulnerability. It used take hackers weeks now it takes them only hours to figure out how to weaponize the vulnerability.

Sometimes a patch is designated zero day. That means hackers are already exploiting the vulnerability and you need to patch it as soon as possible.

Occasionally a zero day vulnerability is so serious Microsoft (or other vendors) will release the patch immediately before the next Patch Tuesday.

What is Patch Tuesday?

Patch Tuesday is the day of the month that Microsoft, Adobe, Intel and a lot of other tech companies (except Apple) release their updates. It is always the second Tuesday of the month.

Apple usually releases updates once or twice a month on any day of the work week. Apple almost always calls these feature updates even though usually there are security updates rolled into the update. They also release updates the same day they release new products like a new iPhone or Mac.

Best way to monitor updates for all Apple products is to go to the Apple Security Update page.

Patches break things

Yes, patches sometimes break things. Hackers break more things. It’s easier to roll back a patch that breaks software (or the operating system) than it is to fix hacker damage.

Once a hacker has broken into one machine they have access to your entire office network.

What about Anti-Virus?

You still need anti-virus but it does not protect the computer or device from the vulnerability the virus exploits. Years ago when I worked for a multinational, the person responsible for patch policy decided that the company didn’t need a certain Microsoft patch. The company was hit by a virus that exploited the patch taking down hundreds of computers and a day later the antivirus product healed that virus. Two days later the company was hit by another virus that exploited the same vulnerability and once again hundreds of computers were infected. We finally got the go ahead to install the patch company wide after that.

What to update?

You should be updating any device that has access to your business information and/or your office internet. Besides computers you should be updating smartphones (and their apps), tablets, and printers.

When to update?

Set a day every month usually a few days after Patch Tuesday. I usually recommend waiting a day or two after Patch Tuesday for Microsoft patches in case a patch causes serious problems and gets rolled back.

With Microsoft patches, most of the machine time updating is after you reboot. I usually recommend you update just before the end of your working day. Reboot the computer before you leave.

Make sure you have backed up all important data before you run updates.