Posted By: ASK
Posted date: April 26, 2019
In: ASK, Microsoft, Mike Maddox
It was just over a year ago that Microsoft rolled out a
security patch that would leave businesses scrambling as they came into work to
find workstations unable to access the network or the internet. This incident
eventually was coined the name “Microsoft Zero Day Patch.” As technology
consultants and technicians, this is the very thing that makes our skin crawl and
keeps us up at night.
Microsoft Zero Day Patch
To recap what happened in March 2018, Microsoft rolled out a
security patch without putting it through the normal vetting process. Chances
are, if you’re a technician reading this right now, you are either shaking your
head in disbelief or cringing at the fact we are making you recall this
incident. So what was Microsoft thinking anyway? Microsoft’s rationale was that
the exposure of the patch it was designed to address was significant enough to
justify rolling it out without testing it first. After they rolled out the
patch, some workstations were unable to connect to the network or Internet.
This caused havoc for thousands of companies worldwide – and may ASK clients
The Impact of the Patch
The day that Microsoft issued the patch, we had dozens of
clients impacted by the rollout. Our clients were down, and that meant that we
had an all-hands-on-deck response. With our incredible technical staff, we were
able to have our clients back in operation and our team back to headquarters by
early afternoon. It was a whirlwind of a day, but a successful one
After we were able to catch our breath, we sent out numerous
communications to our clients with our plan to address this issue in the
future. Even though this issue was out of our control, our first priority is to
care of our clients.
Why We Didn’t Ignore It
Sadly, Microsoft did not come up with a resolution, so it fell on us to clean up the mess. Many technology firms considered the problem “unsolvable” and waited on Microsoft to fix it. When it comes to security issues like this, we don’t take our chances. We didn’t shrug our shoulders and say, “It’s not our fault.”
As an IT provider, things like this may not be our fault, but it most certainly is our responsibility to provide our clients with guidance and options for resolution. We refuse to accept a problem as “unsolvable.” We are proud to say that after a continuous effort from our entire staff and our tech services team, we can mark the Microsoft Zero Day Patch issue as resolved for our clients. This involved a painstaking process of applying the patch individually to each client in a planned and controlled manner. We knew that this would involve hundreds of man hours and massive amounts of communication. Even so, the thought of ignoring the problem was never an option for us. We state “that the client’s best interest will guide every decision that we make” so, for us there was no choice but take this on.