The only patching I knew about was how to patch a bicycle or car tyre as a child. The idea and concept are still the same for technology hardware and software, with our reliance on all things digital at an all-time high. The massive profit motive for cybercriminals has caused them to make significant investments in finding new ways to access our systems, networks, and computers.

Long gone are the days when we were worried about youngsters in their parents’ basement creating viruses to unleash on the world for notoriety, kicks and giggles. Cybercrime is now a multi-billion-dollar global business, and criminals are always looking for bugs, holes and vulnerabilities in every bit of technology we use. Too often, we ignore updates or click on “Do it later”. We must plug those online holes which leave the door open for illegal entry.

What are patches?

Patches or software code fixes existing vulnerabilities or bugs, broken functionality, add new functionality, or fixes security holes found after a new piece of software or hardware. Patches are essential to keep IT environments running smoothly and secure.

As a regular home user or solopreneur, applying these patches is usually a simple click of a button. It is a little bit more complicated for a larger size business as generously applying patches can halt existing processes and cause things to break, affecting many users and the company. Patch management requires more mature organisations to have guidelines and policies for how patches should be tested and applied to their environments. It is helpful to understand the different types of patches for you to create a patch management strategy.

Types of Patches

Software patches come in different categories and may be called other names, which lead to confusion for the less technical amongst us. One major vendor, Microsoft, classifies patches into three basic categories: Hotfixes, Roll-ups, Service Packs. Hotfixes are small patches designed to fix a single problem and are developed either in response to a security advisory or customer request. Occasionally, Microsoft combines several hotfixes into a single package called a roll-up. Service Pack (SP) or Feature Pack (FP) — Major patches that comprise a collection of updates, fixes, or feature enhancements to a software programme delivered in the form of a single installable package. These typically fix any outstanding issues and generally includes all the patches, hotfixes, maintenance and security patches released before the service pack.

Importance of Patch Management

Most businesses have no formal patch management process; this is not good. One of the most significant ransomware attacks globally, the WannaCrypto (WannaCry) ransomware cyberattack, exploited a known vulnerability on over 200,000 computers across 150 countries, causing damages estimated from hundreds of millions to billions of US dollars in May 2017. Sadly, people still think, “it won’t happen to me”.

Fifty-seven per cent of data breaches are attributed to poor patch management; the United States Computer Emergency Readiness Team (US-CERT) Vulnerability Database has confirmed 17,447 vulnerabilities recorded in 2020. A wide range of solutions exists to assist organisations in reducing vulnerabilities. Go ahead and patch those holes.

Christopher Reckord is CEO of Managed IT services provider tTech Limited. Trevor Forrest is the founder and CEO of 876 Technology Solutions. Collectively, they have approximately 80 years of experience helping organisations of varying sizes procure and implement information technology solutions and transform digitally.