What are the different types of patches?

Software patches fix existing vulnerabilities or bugs as they are found after a piece of software or hardware has been released. There are several types of patches:

  • Hotfix – A hotfix is designed to fix a specific issue. Unlike typical patches, hotfixes are developed and released as soon as possible to limit the effects of a software issue. Hotfixes can be applied while the software or system is still running (hot), without the need to restart or close the program. A hotfix may not be publicly disclosed.
  • Point Release – A point release (also known as a dot release) is a small or relatively minor update intended to fix an error or flaw of a piece of software without adding features.
  • Maintenance Release – An incremental update between service packs or software versions to fix multiple outstanding issues.
  • Security Patches – A security patch is a change applied to an asset to correct the weakness described by a vulnerability. This corrective action will prevent successful exploitation and remove or mitigate a threat’s capability to exploit a specific vulnerability in an asset. Patch management is a part of vulnerability management – the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities (security risks).
  • Service Pack (SP) or Feature Pack (FP) – Major patches that comprise a collection of updates, fixes, or feature enhancements to a software program, delivered in the form of a single installable package. These typically fix many outstanding issues and normally include all the patches, hotfixes, maintenance and security patches released before the service pack.

Most of us are familiar with Windows Service Packs. For example, Microsoft began rolling out the Windows 10 Version 1903 Update service pack on May 21, 2019, which became available to all users on June 6th. Microsoft Windows 10 Version 1903 introduced privacy setting updates, more control over how Windows updates are applied, a sandbox for professional users, passwordless login, screen mirroring for Android phones, and enhanced troubleshooting and security features.

  • Unofficial Patches – These patches are created by a third party or a user community, most often because of a lack of support from the original software developer (e.g. the software company went out of business) or when a software product has reached its defined end-of-life.

Like an ordinary patch, these are designed to correct bugs or software flaws. Nefarious individuals can introduce unofficial patches to create security vulnerabilities; while this is rare and quickly reported, we recommend only installing patches from trusted sources, and we recommend that businesses avoid unofficial patches.

  • Monkey Patches – Similar to unofficial patches, a monkey patch (also known as a guerrilla patch) is an update designed to extend or modify the behavior of a plugin or software product locally without altering the source code.
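
To make the monkey patch definition above concrete, here is an added example (not from the original article): a Python sketch that rebinds a function at runtime to add a range check without touching its source, then uses an identity check to detect the rebinding. The module `legacy_lib`, its `parse_length` function, `MAX_LENGTH` and all helper names are assumptions constructed for the illustration.

```python
import functools
import types

# Constructed stand-in for a third-party module whose source we cannot edit.
legacy_lib = types.ModuleType("legacy_lib")

def _parse_length(field: str) -> int:
    """Original behaviour: accepts any integer, including negative sizes."""
    return int(field)

legacy_lib.parse_length = _parse_length
PRISTINE = legacy_lib.parse_length      # reference captured before patching

MAX_LENGTH = 65535                      # assumed limit for this example

def monkey_patch(module, name, make_wrapper):
    """Rebind module.<name> at runtime; returns the original for rollback."""
    original = getattr(module, name)
    # functools.wraps copies __name__/__doc__, so the patch looks like the original.
    wrapper = functools.wraps(original)(make_wrapper(original))
    setattr(module, name, wrapper)
    return original

def bounded(original):
    """Wrapper factory: same call signature, plus a range check."""
    def checked(field):
        value = original(field)
        if not 0 <= value <= MAX_LENGTH:
            raise ValueError(f"length out of range: {value}")
        return value
    return checked

def is_patched(module, name, pristine):
    """Audit helper: True when the live attribute is not the pristine function."""
    return getattr(module, name) is not pristine

def demo():
    before = legacy_lib.parse_length("-1")          # flaw: -1 is accepted
    original = monkey_patch(legacy_lib, "parse_length", bounded)
    try:
        legacy_lib.parse_length("-1")
        rejected = False
    except ValueError:
        rejected = True
    patched = is_patched(legacy_lib, "parse_length", PRISTINE)
    setattr(legacy_lib, "parse_length", original)   # rollback
    restored = not is_patched(legacy_lib, "parse_length", PRISTINE)
    return before, rejected, patched, restored

if __name__ == "__main__":
    print(demo())
```

Because the wrapper copies the original's name and docstring, inspecting those attributes will not reveal the change; comparing against a reference captured at load time does.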

Patches are designed to repair a vulnerability or flaw identified after an application or software is released. As we’ve learned, there are many types of patches. For this article, we’ll focus on official patches (hotfixes, point releases, security patches, and service packs).

Unpatched software can make the device a vulnerable target of exploits. Software patches are a critical component of IT operations and security.

Patch Vulnerabilities by The Numbers