Government Agencies To Get Early Dibs On Windows Patches - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications

Government Agencies To Get Early Dibs On Windows Patches

Microsoft will give the federal government patches to fix security holes in Windows and other software a month before the general public receives them.

Microsoft will give the Air Force and other federal agencies software patches to test a month before the general public receives them. The arrangement is part of Microsoft's Security Update Validation Program, a "closed beta program" introduced within the past 12 months.

Microsoft will begin giving prerelease software patches to the Air Force, The Wall Street Journal reported Friday. The Department of Homeland Security will give advance notice of the new vulnerabilities to other government agencies and distribute the patches to them after they've been tested by the Air Force, the newspaper reported.

Advance testing will make it possible for government agencies to install the patches as soon as Microsoft releases the final versions. That's aimed at helping agencies stay ahead of hackers, who often are able to develop attacks that exploit a software hole less than a week after Microsoft discloses the vulnerability.

The early-access program is also available to select business customers.

The software updates are provided to program participants only for testing purposes, a Microsoft spokesman says. "Customers are specifically prohibited from deploying these security updates in a production environment," the spokesman says via E-mail. "Participants are testing prerelease software, therefore the updates are provided only to deploy in a test environment. Participants can only deploy the security updates to their entire infrastructure when they are released to the general public."

The issue of providing advance access to security bulletins and software patches is a sensitive subject for Microsoft and other software vendors, who need to ensure that information and code don't find their way to hackers before final patches are available for all customers. And customers who don't receive advance notice may believe they're at a disadvantage.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Will AI and Machine Learning Break Cloud Architectures?
Lisa Morgan, Freelance Writer,  6/10/2019
Slideshows
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Commentary
Humans' Fascination with Artificial General Intelligence
Guest Commentary, Guest Commentary,  6/6/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll