Feb. 16--On Tuesday evening, about a dozen software specialists at Shavlik Technologies gathered in a small Roseville conference room for a marathon of software testing that ran late into the night.

They could not go home until they had tested and delivered to legions of corporate customers the latest defenses against the biggest security threats to the nation's computers.

Within hours, their work went out over the Internet to their clients: network managers at Fortune 1000 companies who were waiting for the fruit of what the computer industry calls "Patch Tuesday."

That's the second Tuesday of every month, when Microsoft and other software firms release "software patches" to protect businesses and consumers from the latest hacker threats and computer program errors.

To outsiders, the monthly ritual of Patch Tuesday might seem a bit obsessive and geeky. But it's part of a deadly serious cat-and-mouse game between software writers and malicious hackers. It was created to defend against a series of devastating Internet attacks that began in 2001 with a self-replicating malicious program called Code Red that infected the computers hosting websites. Code Red was followed by the malicious Slammer and Blaster programs (2003) and the Sasser program (2004).

These days such widespread Internet attacks are rare, and one reason appears to be Patch Tuesday. As a result, software patch analysis and testing has become a specialized niche of the computer security business. Shavlik, BigFix of Emeryville, Calif., and Lumension Security of Scotts- dale, Ariz., are the three main national players, says computer industry research firm Gartner. Shavlik also offers software to automate applying software patches to corporate computer networks and to make sure no machine in the network has been missed.

CEO Mark Shavlik and Eric Schultze, the chief technology officer, are former employees of Microsoft, the world's largest software company and the founder of Patch Tuesday. Rebecca Shavlik, Mark's wife and a company co-founder, has retired from the business but sits on its board of directors.

Shavlik is one of several computer specialty firms in the Twin Cities that provide security software or consulting services. They include software firm Secure Computing of St. Paul, now part of California antivirus security company McAfee; the Roseville computer backup and recovery operations of California-based security firm Symantec; computer risk management consulting firm NetSpi of Minneapolis; and security software firm New Boundary Technologies of Minneapolis.