We need to ensure that the Operating System we have installed gets updated regularly. There will always be vulnerabilities that can easily be exploited by an attacker. The vulnerabilities which are not known to the vendor and haven’t been patched are called zero-day vulnerabilities.
Most attackers would look for the software version installed on our system. And, then they look for vulnerabilities that haven’t yet been patched. Most software vendors provide software patches as and when necessary.
Microsoft provides monthly quality updates. Patch Tuesday is the second Tuesday of each month at 10:00 AM Pacific Time on which security updates are released by Microsoft for various devices. Such updates are also known as the B releases. These are mandatory updates.
But, that wouldn’t work in case a vulnerability is identified recently. And, the IT Administrators or Users can’t wait to get it fixed through a monthly release cycle. So, for such cases, Microsoft provides OOB releases. Out-of-band (OOB) releases are provided to patch a recently identified critical vulnerability.
Not only Microsoft but different vendors release security updates through Patch Tuesday.
One of the advantages of releasing security updates through this route is that the IT Administrators can prepare themselves in advance. They know beforehand, that security updates will be provided on a specific day so they manage their workflow accordingly.
IT Administrators have also got the option to test planned B releases a month ahead. Such optional, preview updates are known as C releases. We can access C releases through Settings –> Update & Security –> Windows Update –> Check for updates.
When it comes to Linux-based distributions like Red Hat, Debian, Ubuntu, etc. They don’t have a specific day to release security updates. The security updates are released when they become available. Unless otherwise needed, it is better to upgrade your Linux distribution through a package manager. This would install all the necessary security updates. But, if you want you can also use focused patching to install only the patches which are relevant to you.
