It was just over a year ago that Microsoft rolled out a security patch that would leave businesses scrambling as they came into work to find workstations unable to access the network or the internet. This incident eventually was coined the name “Microsoft Zero Day Patch.” As technology consultants and technicians, this is the very thing that makes our skin crawl and keeps us up at night.
MICROSOFT ZERO DAY PATCH
To recap what happened in March 2018, Microsoft rolled out a security patch without putting it through the normal vetting process. Chances are, if you’re a technician reading this right now, you are either shaking your head in disbelief or cringing at the fact we are making you recall this incident. So what was Microsoft thinking anyway? Microsoft’s rationale was that the exposure of the patch it was designed to address was significant enough to justify rolling it out without testing it first. After they rolled out the patch, some workstations were unable to connect to the network or Internet. This caused havoc for thousands of companies worldwide – and may ASK clients included.
THE IMPACT OF THE PATCH
The day that Microsoft issued the patch, we had dozens of clients impacted by the rollout. Our clients were down, and that meant that we had an all-hands-on-deck response. With our incredible technical staff, we were able to have our clients back in operation and our team back to headquarters by early afternoon. It was a whirlwind of a day, but a successful one none-the-less.
After we were able to catch our breath, we sent out numerous communications to our clients with our plan to address this issue in the future. Even though this issue was out of our control, our first priority is to care of our clients.
WHY WE DIDN’T IGNORE IT
Sadly, Microsoft did not come up with a resolution, so it fell on us to clean up the mess. Many technology firms considered the problem “unsolvable” and waited on Microsoft to fix it. When it comes to security issues like this, we don’t take our chances. We didn’t shrug our shoulders and say, “It’s not our fault.”
As an IT provider, things like this may not be our fault, but it most certainly is our responsibility to provide our clients with guidance and options for resolution. We refuse to accept a problem as “unsolvable.” We are proud to say that after a continuous effort from our entire staff and our tech services team, we can mark the Microsoft Zero Day Patch issue as resolved for our clients. This involved a painstaking process of applying the patch individually to each client in a planned and controlled manner. We knew that this would involve hundreds of man hours and massive amounts of communication. Even so, the thought of ignoring the problem was never an option for us. We state “that the client’s best interest will guide every decision that we make” so, for us there was no choice but take this on.