Monday, 13 February 2012

Microsoft Patch Tuesday: 2011 Round-up


It's that time of the month again, and Microsoft is preparing to release (notice I did not say unleash) a number of updates to the Windows domain. It looks like Feb will be an "average" month with 9 updates; 4 rated as Critical and subsequently 5 rated as Important. 

There will be a complete analysis of this February update available on the ChangeBASE\Quest website (and this blog) on Wednesday morning, so I thought that I might take the time to have a quick look at the numbers Microsoft released over last year (2011)'s Patch Tuesday.

Starting with a brief summary for the year of 2011, Microsoft released 100 updates through the normal Patch Tuesday release cycle with the following Severity (or Ratings);

Critical: 34
Important: 63
Moderate: 3

I have also compiled some tables (with pretty diagrams) that illustrate the profile for the Microsoft Patch release cycle. Here you can "surges" in some months and then quieter months. January is generally quiet as the patch cycle is "working from one month behind", so you can see the months that Microsoft is really busy. Namely,  Jan (with large releases in Feb), March (large release in April) and following with May (subsequent large update in June). 

Not sure about the exact reason for this, other than loads of people are off in December and therefore there are less updates for Jan.


I have also compiled a table of the targets for each patch. You can see the the largest target is Windows (do we need a pie-chart here?) and then Office. 


Hopefully, this following histogram illustrates the severity rating over several months for the year of 2011. April and June really do look quite serious when you look at things like this....

And, instead of a pie-chart, and I thought a 3-landscape diagram might help more (or, couldn't figure out the pie-charts stuff, sorry)



So how does this help? Well, given the number of patches this year (2012), with 7 releases  in Jan and 9 updates  in February (already quite high), we might expect to see a significant up-tick in the number of patches and security updates from Microsoft. As the year progresses, I will start do some more trending analysis and see how things look.







No comments: