Microsoft Patches

I guess this a rant about some Microsoft issues that I am starting to have. When Microsoft first started their patch Tuesday it seemed like a good idea, however it is a idea that no longer seems like such a good idea. Microsoft has been being hit with zero-day exploits every Tuesday after they release their patches for the month. The logic behind the once a month patch release was to make things easier for companies to test and deploy patches. When we test patches at work, we install them on two production computers and then beet on them for a day before pushing them out to everyone. To me I think it would be better to get the patches when they are ready and have to do the testing more often instead of knowing that I have 75 computers with known vulnerabilities. The other reason I keep hearing is that it takes a lot of time and effort to roll out the patches. With all the tools out there like Numara Deploy, TriActive and Microsoft WSUS I find it hard to believe that there are still companies out there with a group of people running around installing patches.

The other part of this that bothers me is how Microsoft will not release out of cycle patches unless you are using their Windows Live OneCare. I guess I have problems with them charging people to get updates faster for problems they they are responsible for.