Posts in Category: Security

Second Tuesday of the month – should we reboot Russia?

If you have ever written a piece of software and given it to a group of people to use (even an Excel macro), you'll know the buzz from seeing them use something you've created to help make their work easier. I've been in the software development business since the 80's and even today I still get a kick when I visit a customer site and see a group of people working away using software we've written to help them run their company.

You'll also know the sinking feeling you get when you discover a bug in your software. Yes, it happens to everyone – even the best developers..  Then, once you've fixed it, you have the challenge of making sure everyone gets and installs your fix.  All part and parcel of modern software development and all professional development teams have ways of getting fixes out as seamlessly and reliably as possible.

Now, imagine you're part of Microsoft and your software is used on literally millions of PCs across the globe.  The sinking feeling on finding a bug, especially  if that bug represents a security hole, must be so much worse.

Fortunately, Microsoft has an organisation in place to cope with this eventuality.  In true MS fashion it's known as the MSRC (Microsoft Security Response Center) and the person whose job it is to make sure the fixes get to the people who need them, is a gentleman by the name of Dustin Childs.  As well as being technically very able, Dustin is also a great story teller and this video presentation gives you a peek into his world.

It's a world that revolves around the second Tuesday of each month when Microsoft issues their security updates, which in the UK we usually see on the second Wednesday of each month!  An environment where you know that 400 million PCs are on "auto update" and will automatically reboot tomorrow if needed and where you can literally reboot the PCs of a whole country if necessary - reboot Russia anyone?

The systems and processes in place for this are mind boggling and involve incredible amounts of testing before things are issued.  For example a single windows update will involve  testing the fix against over 9000 third party software applications! 

As Dustin freely admits in his blog things are not always 100% perfect all the time, however the efforts they put in to find and resolve problems are admirable.

So next time your windows update asks to restart your PC, think of Dustin and his team.Windows update requesting a PC restart

If you have 25 minutes to spare, I would highly recommend sitting down with a mug of coffee and watching Dustin's presentation and look out for the Microsoft to Facebook telephone call.