Software Patches & OS Updates

On this page:
Patch Terminology
Why Patch
What to Patch
How to Patch

Patch Terminology

For simplification, when referring to any update or fix to software or an operating system (OS), the term "patch" will be used. However, there are differences between these terminologies.

Patches

Like a patch for clothing, a software patch temporarily fixes a hole in an item that does not yet need to be replaced. In between releases of major versions of software, software publishers typically release patches to fix what's broken. It is literally a temporary addition to a piece of code that may or may not make it into the next release. A patch usually fixes something small and is quick to download and install. Some think of patches as fixes for software bugs and updates as added features, but the two terms are interchangeable.

Service Packs & Updates

Service Packs, a term used by Microsoft, are much bigger patch bundles and are often mentioned in the news when Microsoft releases one. Service Packs are generally very large files that typically include lots of patches to many things. Similarly, Apple releases what they call Updates, which are also bundled patches. They usually add or fix a feature in a program or an earlier patch. With Apple updates, the version number of a product will change, for example, from 10.4.11 to 10.4.12.

Upgrades

Upgrades, also known as software releases, are non-downloadable updates and are usually available via purchase only. For example, you cannot upgrade from Mac OS X 10.4 to 10.5, or from Microsoft Windows XP to Vista via your system's software update menu.

Why Patch?

If your computer seems to be working fine, you may wonder why you should apply a patch. By not applying a patch you might be leaving the door open for malware to come in. Many viruses, worms, and other malware exploit flaws in your system in order to do their work, while the time frame between an exploit and when a patch is released is continually getting shorter.

If a defect exists in a software client, even if you do everything right, bad things may still happen. Defects in clients like web browsers, email programs, image viewers, instant messaging software, and media players may allow malicious web sites, email messages, IM messages, images, and sound files to infect or compromise your computer with no action on your part other than viewing or listening to the web site, message, or media.

Defects in server software, like web servers, web applications, and core operating system services, can allow your computer to be infected or compromised just by being on the network and powered on.

What to Patch

Not all of the vulnerabilities that exist in products or technologies will affect you. However, any software you use is a potential source of vulnerabilities that could lead to a compromise of security or identity. The more commonly used a program is, the bigger target it represents and the more likely it is that a vulnerability will be exploited. Not all software companies release patches for download, so for the more obscure software you use, you may want to contact the vendor to receive updates, patches or vulnerability alerts. Additionally, don't forget to patch your anti-virus software.

How to Patch

Refer to this step-by-step guide to installing patches and updates.

Microsoft

Once a month (on Patch Tuesday, the second Tuesday of every month), Microsoft releases their Security Bulletins identifying new (usually critical) vulnerabilities. The Automatic Updates feature in your operating system gives an option for you to be notified of any updates before downloading them or it installs them automatically. The frequency of notification is up to you. At MIT, if you subscribe to WAUS ( Windows Automatic Update Service), you will receive a more conservative selection of the most critical security updates from Microsoft.

Apple

Mac OS X automatically checks for software updates provided you have an Internet connection. You can choose a different schedule (set weekly by default) or check manually. If you see an update that you will never use, you can inactivate it from the update menu.

Linux

Linux machines are not as simple to patch because of the nature of Linux software and its many distributions. Each distribution has a different method of patching. Learn more.