“Software vulnerabilities don’t follow timetables”
August 1st, 2006 by Aviram, Filed under: Commentary, Corporate Security, Microsoft
You gotta love the term Zero-day Wednesdays. It explains in a sentence everything that is wrong with Microsoft’s Patch Tuesday, the major problem being Microsoft trying to regulate the industry without having the power to do so.
Just because Microsoft decided to issue security patches on the 2nd Tuesday of every month doesn’t mean the people finding security holes will adhere to this schedule. In fact, knowing how the ‘bad guys’ think, it gives them a fool-proof algorithm to maximize damage. Want to release a Zero-day? You no longer have to wait until Christmas to catch the administrators out on their New Year’s vacation – just wait until the 2nd Wednesday of the month and you will have admins scrambling around for a month until a patch is released.



