4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

You Need To Be Familiar With Patching Terminology

You Need To Be Familiar With Patching Terminology

Over the past several months, while watching the news or reading about business and technology, you’ve probably encountered a few words, such as ‘ransomware’ ‘exploit weakness’, and ‘security patch’. These terms are used often, and you may be confused as to what they really mean, and how they relate to you and the security of your business’ data.

In recent months, ransomware attacks like WannaCry and other malware have made headlines, with cyber criminals exploiting weaknesses in networks, application deployments, and operating systems. What is very hard for some people to understand is that often the weaknesses being exploited are known by software developers, who have released security updates known as ‘patches.’

For many small business owners and personal PC users, a better understanding of types of patches, how they work, when they’re released, and how to access them might be all that stands between a hacker and your network. Here are five terms that are associated with the continuous software updates that aim to protect users from data loss or worse.

Patch Tuesday - For those who allow their computer to update and install patches automatically, it might have never really occurred to them that there was a schedule as to when Microsoft released patches. Similar to how new movies are released or video games are launched on specific days of the week, Microsoft releases patches on the second (and sometimes fourth) Tuesday of each month. With newer operating systems and software versions, there might come a time where Patch Tuesday becomes obsolete in favor of a real-time data exchange where software and applications are constantly updated as needed.

Security Patching - This is what most people think of when they think of a patch for a piece of software or an application. It’s a series of data and files that fix or mitigate the threat of a known issue or vulnerability. These are generally what are provided on official patch days, like Patch Tuesday. That is, of course, unless the patch is a zero-day or immediate release, an action usually reserved for major security risks or weaknesses found after they have been exploited.

Hotfix - Sometimes referred to as a ‘Quick-fix Update’ ‘Quick-fix Engineering Update’ or ‘General Distribution Release’, a hotfix is a small patch that fixes a single bug or vulnerability that is significant enough that it should not wait until the next scheduled patch release. Although, Microsoft itself no longer uses the term ‘hotfix’ in an official capacity, the term is still widely used by majority of the industry.

Zero Day Vulnerability - This is a specific type of weakness that is not discovered or disclosed until the hackers are already exploiting it. This is called ‘zero day’ because software developers and advocates have no time - or zero days - to create a patch or develop a work around, leaving both users and developers scrambling to keep data safe.

Whitelisting - As related to malware and ransomware, whitelisting is the process in which a patch or application is declared safe, allowed access to the network, or otherwise approved for a certain network or program. The term ‘whitelist’ comes from the opposite of ‘blacklist’. Made popular during the Cold War, blacklist refers to a list of people or items that are banned, rejected, or labeled in a negative way. Whitelisting was tossed around when so many WannaCry victims had the security patch needed since March. Many establishments were waiting for internal IT departments to test and officially ‘whitelist’ the patch which would allow the installation of the security patch needed to eliminate the vulnerability exploited by the WannaCry ransomware.

Truthfully, there is a lot more to patches than just the five terms above - and the more your business relies on technology the more important proper maintenance of technology - including patches and updates, becomes to your continued success. In the end, working with 4IT will help you make sure that your business is always properly updated, with pertinent, whitelisted patches. Call us at 305-278-7100 to learn more.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, 21 August 2017
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Tag Cloud

security Tip of the Week Technology Cloud Best Practices Privacy Microsoft Business Computing Internet software Backup Hackers Hosted Solutions Productivity Business Management Managed Service Provider Malware IT Services Business Google Efficiency Windows Innovation IT Support Hardware Disaster Recovery Workplace Tips Saving Money VoIP Business Continuity Virtualization Upgrade Computer Windows 10 Miscellaneous User Tips Data Mobile Devices Mobile Device Management Server Mobile Computing Email Communication Network Network Security Save Money Quick Tips Alert BYOD Going Green communications Mobile Office Information Technology Social Media Smartphones Microsoft Office Apps Office Small Business Health Smartphone Android Application Ransomware Browser Gadgets Outsourced IT Operating System Disaster Tablet Managed IT Services Firewall Avoiding Downtime IT Solutions Mobility Spam BDR Risk Management Search Productivity WiFi Managed IT Holiday Chrome The Internet of Things Remote Computing Unified Threat Management Passwords Data Management Vendor Management Hard Drives Saving Time Employer-Employee Relationship Telephone Systems Budget History Remote Monitoring Automation Hacking Facebook Best Practice Marketing Phishing Password Cybercrime Hosted Solution Computers Customer Relationship Management Recovery Phone System VPN Wireless Technology Cybersecurity Office Tips Apple Big Data Bring Your Own Device USB Social Content Filtering Analytics Gmail Router Proactive IT Money Telephony Humor Administration User Error Wearable Technology Lithium-ion battery iPhone Collaboration Maintenance PowerPoint Virus Current Events Law Enforcement Antivirus Printer Outlook Encryption Social Engineering Point of Sale IT COnsultant Government App Wireless Computer Repair Unsupported Software Cost Management Private Cloud Intranet Google Drive Cloud Computing Bandwidth Printer Server Save Time Laptop OneNote Users Education Trending Net Neutrality Windows 8 Work/Life Balance HaaS Shortcut Office 365 Business Intelligence Tech Support Paperless Office Update Customer Service Network Congestion Biometrics hacker Retail Fax Server Virtual Reality Personal Information Help Desk Workplace Transportation Meetings Data Storage Streaming Media Computer Care Battery Robot Uninterrupted Power Supply Instant Messaging Emails online currency Data Backup Automobile End of Support HIPAA Entertainment Benefits Computer Accessories DDoS Internet Exlporer Mouse Compliance Social Networking Efficency Internet of Things Identity Theft Data Protection Solid State Drive Two-factor Authentication Flexibility Managing Stress Excel SaaS Audit IT Support Display Samsung Augmented Reality Colocation Consultant SharePoint Data Recovery Applications Sync The Blindside Of Ebay Debate Company Culture iOS Black Market Computing Access Touchscreen Teamwork Managed IT Service Politics IT Security Managed IT Services Busines Continuity Cleaning Networking Computer Fan Near Field Communication Experience Keyboard Avoid Downtime Nokia Human Resources Dark Web IT consulting Music Running Cable Screen Mirroring Hiring/Firing Twitter Data storage Reliable Computing Cast Books Surge Protector Smart Technology Bloatware Windows 10s Video Games Television Nanotechnology Document Management 3D Printing Data Security Data Breach Advertising Hard Disk Drive Legal Touchpad Mobile Device Branding Root Cause Analysis HBO Managed Security ISP Distributed Denial of Service Hard Drive Scam best practices CrashOverride WIndows 7 IT Management Programming Inbound Marketing Blogging eWaste Images Employer Employee Relationship data breach Regulations Sports Uograde Operating Sysytem Settings Worker Commute WIndows Server 2008 PDF Value Website risk management Scalability Cameras Files User Patch Management Safety Science OneDrive Text Messaging Virtual Desktop Windows 10 How To Presentation Amazon Chromecast Co-managed IT Upgrades Bluetooth Commerce Wi-Fi Best Available Wiring Regulation Emergency Artificial Intelligence Travel IT Technicians Information Training Vulnerability Administrator Lifestyle Buisness Adobe Shadow IT Relocation Webinar Tutorial IT solutions Gift Giving Taxes Storage Microblogging Youtube Supercomputer IT service Electronic Medical Records Sales IT Budget Domains Managed Service Provder Webinar Reputation