Share This Post

Patch Management / Patch Tuesday

Understanding How Microsoft Determines to Secure Windows Now or Later

Understanding How Microsoft Determines to Secure Windows Now or Later

A draft document is circulating that showcases Microsoft’s decision tree for determining if known security vulnerabilities will get patched through servicing or if the company will wait until later to resolve them.

Here’s the premise of the document…

Our commitment to protecting customers from vulnerabilities in our products, services, and devices includes providing security updates that address these vulnerabilities when they are discovered. We also want to ensure we are transparent with our customers in our approach. This document helps to describe the criteria the Microsoft Security Response Center (MSRC) uses to determine whether a reported vulnerability will be addressed through servicing, or in the next version of a product. For vulnerabilities in products, this servicing takes the form of a security update, most commonly released as security updates on Update Tuesday. The purpose of this document is to clarify the commitments as they pertain to Windows.

Download the PDF: Microsoft Security Servicing Commitments


Looking for an awesome, no-nonsense technical conference for IT Pros, Developers, and DevOps? IT/Dev Connections kicks off in Dallas, Texas in 2018!

IT/Dev Connections

Share This Post

Leave a Reply