Patch

Smartpedia: A patch is an update to a piece of software that closes security gaps and should therefore ideally be put into operation quickly by users.

Patch – closing a security hole in software

A security vulnerability is a software error that allows hackers or malicious programs to penetrate a computer system. A patch closes such a security hole, fixes software errors and thus prevents hackers or malicious programs from succeeding.

In most cases, patches are created by the original software vendors. In some cases, they not only close security gaps through the updates, but also extend existing versions. Either way, patches should ideally go live quickly.

Patch – a frequently used term in software development

There are several terms that are used repeatedly – sometimes with overlap – in the context of software development:

  • A bug fix is the result of a manufacturer’s error correction; bugfixing is the activity of fixing errors.
  • A hotfix is the result of a manufacturer’s short-term bug fixing; hotfixing is the activity of fixing bugs as quickly as possible.

So the difference between a bug fix and a hotfix is the urgency of the fix. Consequently, the way fixes reach users usually differs as well: a bug fix is usually integrated into the software during release planning and made available as a regular update. A hotfix, on the other hand, is delivered to the customer as quickly as possible, since the problems associated with the bug cannot be delayed.

The situation is similar with a patch: a security vulnerability in software can have fatal consequences for users and, as a result, also for the software manufacturer. Any delay in remediation endangers the computer system and makes end devices vulnerable to attack. Great haste is required here, regardless of whether the “general public” knows about the security gap or not. Criminal organisations that want to exploit security vulnerabilities do not normally find out about them from newspapers. They try to find them themselves in order to capitalise on them, for example by stealing data or installing encryption Trojans.

Other terms are

  • day one patches,
  • patch days and
  • patch management.

Day one patches are fixes made on the first day after an update is made available. Such improvements can often be observed in global companies that roll out updates automatically to smartphones, tablet PCs or PCs, for example. Here, various experts recommend waiting a few days before installing updates so as not to discover all the errors of a new version yourself, but to benefit from the findings of other users and subsequently from the manufacturers’ improvements. Even though in most cases the content consists of short-term bug fixes or hotfixes, the term patch is relatively common in this use case.

Patch days are fixed days on which a company provides updates for many, most or all of its products. The term was made famous by Microsoft, which began offering all updates for download on one day – usually the second Tuesday of a month – in October 2003. The goal was to facilitate the work of administrators and the planning of efforts to deploy updates, because it allowed administrators to reserve the day for patch management.

Patch management tasks

Patch management covers the activities on the side of the patch recipient. For example, it involves

  • the identification and procurement of updates,
  • checking for compatibility with other applications,
  • testing of functionality,
  • and the subsequent distribution in the network or on the corresponding end devices of the users.

Obviously, the effort required for these activities increases with the size of the recipient organization or the number of users. Here, it is necessary to strike a reasonable balance between the speed of deployment and the activities mentioned. Interestingly, the professional handling of security vulnerabilities is rarely considered an aspect of risk management.

Notes:

The term patch also exists in other areas. In medicine, for example, it stands for the transplantation of skin tissue to other parts of the body; in tailoring, it is an applied stitch-up, etc.
