What Is Patch Tuesday and Why Do You Need to Install Security Updates Right Away?
Some users see the installment of security updates as a nuisance or waste of their time. However, even though it might interrupt your activities for a bit, it is crucial to get the latest security updates as fast as possible. After all, it is not something we have to do every day. As you probably already know, Microsoft has the so-called Patch Tuesday, during which it presents latest patches and encourages those using their products to install them. Further in this blog post, we talk more about Patch Tuesday and discuss what could happen if you do not get the latest security updates. Therefore, if a question like can I skip Windows updates? ever popped in your mind, we highly recommend reading this article so you would know why ignoring new updates is a bad idea.
What is Patch Tuesday?
The term Patch Tuesday was first mentioned by Microsoft back in 2003. The event occurs every second or sometimes fourth Tuesday of each month, during which Microsoft presents the newest software patches for the company's products, such as Windows. As you may know, Windows has a function called Windows Update that downloads and installs patches so the operating system's users would not have to do it themselves. It is set that on Patch Tuesday the mentioned service begins downloading released updates at 6 p.m. or 5 p.m. UTC.
However, if the user wishes, he can change his active hours, the time interval when he usually uses his computer so that the system would know when it is not a good time to install updates or restart Windows without asking. You can do it by going to your Windows Update settings and accessing the Change active hours option. Thus, getting essential security updates does not necessarily have to interfere with your daily activities. It is normal that some could feel annoyed while waiting for patches to be downloaded and installed since some Patch Tuesdays bring more updates, while other times there are not a lot of vulnerabilities to patch. Apparently, Microsoft tends to release more patches in even-numbered months, which means users get to install less of them in odd-numbered months.
Of course, some patches get to be released outside Patch Tuesday. For example, if the company discovers a critical update that could put its consumers' systems at risk, it should release it immediately. Another thing you might be interested to learn is that it is not only Microsoft that releases updates on Patch Tuesdays since Adobe and SAP, for example, do it too.
What were the latest Patch Tuesday's updates?
The latest Patch Tuesday occurred on June 11, during which Microsoft presented 88 vulnerabilities and patches to fix them. All weaknesses receive one of the following rankings: low, moderate, important, and critical. If you take a look at the full list posted on the Microsoft's official site, you may notice that there were 21 weaknesses considered to be critical. Including four of the five zero-days weaknesses that a cybersecurity specialist known as SandboxEscaper published online.
A zero-day vulnerability refers to a software weakness that has been discovered recently, leaving no time for developers to fix it. Thus, companies that wish to protect their consumers have to react fast and ideally before cybercriminals find a way to exploit these flaws. No doubt, Microsoft does not waste any time, and the fix for the fifth discovered zero-day exploit is on its way. Also, it is good to know that none of the 88 weaknesses were exploited in the wild, including the four discovered zero-days vulnerabilities that the company managed to patch fast.
Besides new patches for Windows, Microsoft also released updates for its HoloLens devices that you should definitely check out if you are using them. Plus, the company informed users that some Bluetooth-based security keys will no longer work on Windows after installing the patches presented on June's Patch Tuesday. It seems that some Feitian and Google Titan security keys contain a misconfiguration in their Bluetooth pairing protocols, which could allow hackers to interact with such keys. Thus, the company encourages consumers to replace them. Luckily, Google offers new keys free of charge, and you can read more about this here.
Can I skip Windows updates, and what would happen if I did so?
Even though it was reported that no one exploited any of the vulnerabilities fixed with the latest Patch Tuesday's updates, it does not mean it will always be this way. There are cases when hackers are the first ones to discover vulnerabilities, and when they do, they can create various malicious applications that could attack systems while exploiting unpatched weaknesses. Some threats can spy on their victims, while others can harm their computers or even employ them for DDoS attacks.
Of course, even if your system is vulnerable, it does not necessarily mean you will get attacked, but the only way to prevent it from happening for sure is to patch its weaknesses. Timing is also essential. If you want your system to be at risk for as little as possible, you should not waste any time. Meaning the answer to the question of whether or not you can you skip Windows updates is NO if you care about the safety of your computer and yourself.
To conclude, security updates are essential if you want to feel safe while using your system or surfing the Internet, and Patch Tuesday offers an excellent opportunity to get all the latest security patches all at once. Lastly, we would like to remind you that not installing software updates could put your passwords at risk too, and if you wish to learn more about that, we invite you to continue reading here.