mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 22:24:56 +03:00
30 lines
1.4 KiB
Markdown
# Standards and References - Patch Tuesday Response Process

## Microsoft Resources

- MSRC Security Update Guide: https://msrc.microsoft.com/update-guide
- Microsoft Security Blog: https://www.microsoft.com/en-us/security/blog/
- Windows Update for Business: https://learn.microsoft.com/en-us/windows/deployment/update/waas-manage-updates-wufb
- SCCM/MECM Patch Management: https://learn.microsoft.com/en-us/mem/configmgr/sum/

## Industry Standards

- **NIST SP 800-40 Rev 4**: Guide to Enterprise Patch Management Planning
- **CIS Controls v8.1 Control 7.4**: Perform Automated Patch Management
- **PCI DSS v4.0 Req 6.3.3**: Install security patches within one month of release
- **ISO 27001:2022 A.8.8**: Management of technical vulnerabilities

## Patch Tuesday Statistics (2025)

| Metric | Value |
|--------|-------|
| Total CVEs patched in 2025 | 1,129 |
| Year-over-year increase | 11.9% |
| Average CVEs per month | ~94 |
| Top category: Elevation of Privilege | ~49% |
| Top category: Remote Code Execution | ~34% |
| Zero-days patched in 2025 | Multiple per quarter |

## Vendor Analysis Resources

- Qualys Patch Tuesday Blog: https://blog.qualys.com/tag/patch-tuesday
- Tenable Patch Tuesday Analysis: https://www.tenable.com/blog/tag/patch-tuesday
- CrowdStrike Patch Tuesday: https://www.crowdstrike.com/blog/tag/patch-tuesday
- SANS ISC Patch Tuesday Dashboard: https://isc.sans.edu/patchtuesday/