MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

You Need To Be Familiar With Patching Terminology

You Need To Be Familiar With Patching Terminology

Over the past several months, while watching the news or reading about business and technology, you’ve probably encountered a few words, such as ‘ransomware’ ‘exploit weakness’, and ‘security patch’. These terms are used often, and you may be confused as to what they really mean, and how they relate to you and the security of your business’ data.

In recent months, ransomware attacks like WannaCry and other malware have made headlines, with cyber criminals exploiting weaknesses in networks, application deployments, and operating systems. What is very hard for some people to understand is that often the weaknesses being exploited are known by software developers, who have released security updates known as ‘patches.’

For many small business owners and personal PC users, a better understanding of types of patches, how they work, when they’re released, and how to access them might be all that stands between a hacker and your network. Here are five terms that are associated with the continuous software updates that aim to protect users from data loss or worse.

Patch Tuesday - For those who allow their computer to update and install patches automatically, it might have never really occurred to them that there was a schedule as to when Microsoft released patches. Similar to how new movies are released or video games are launched on specific days of the week, Microsoft releases patches on the second (and sometimes fourth) Tuesday of each month. With newer operating systems and software versions, there might come a time where Patch Tuesday becomes obsolete in favor of a real-time data exchange where software and applications are constantly updated as needed.

Security Patching - This is what most people think of when they think of a patch for a piece of software or an application. It’s a series of data and files that fix or mitigate the threat of a known issue or vulnerability. These are generally what are provided on official patch days, like Patch Tuesday. That is, of course, unless the patch is a zero-day or immediate release, an action usually reserved for major security risks or weaknesses found after they have been exploited.

Hotfix - Sometimes referred to as a ‘Quick-fix Update’ ‘Quick-fix Engineering Update’ or ‘General Distribution Release’, a hotfix is a small patch that fixes a single bug or vulnerability that is significant enough that it should not wait until the next scheduled patch release. Although, Microsoft itself no longer uses the term ‘hotfix’ in an official capacity, the term is still widely used by majority of the industry.

Zero Day Vulnerability - This is a specific type of weakness that is not discovered or disclosed until the hackers are already exploiting it. This is called ‘zero day’ because software developers and advocates have no time - or zero days - to create a patch or develop a work around, leaving both users and developers scrambling to keep data safe.

Whitelisting - As related to malware and ransomware, whitelisting is the process in which a patch or application is declared safe, allowed access to the network, or otherwise approved for a certain network or program. The term ‘whitelist’ comes from the opposite of ‘blacklist’. Made popular during the Cold War, blacklist refers to a list of people or items that are banned, rejected, or labeled in a negative way. Whitelisting was tossed around when so many WannaCry victims had the security patch needed since March. Many establishments were waiting for internal IT departments to test and officially ‘whitelist’ the patch which would allow the installation of the security patch needed to eliminate the vulnerability exploited by the WannaCry ransomware.

Truthfully, there is a lot more to patches than just the five terms above - and the more your business relies on technology the more important proper maintenance of technology - including patches and updates, becomes to your continued success. In the end, working with MERIT Solutions will help you make sure that your business is always properly updated, with pertinent, whitelisted patches. Call us at (757) 420-5150 to learn more.

e-max.it: your social media marketing partner
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 24 August 2017
If you'd like to register, please fill in the username, password and name fields.

Tag Cloud

Security Tip of the Week Cloud Technology Best Practices Privacy Business Computing Hackers Malware Hosted Solutions Backup Software Internet Network Security google Productivity Computer Windows 10 Business Microsoft Disaster Recovery IT Services Business Continuity VoIP Innovation Managed IT Services Hardware IT Support communications Business Management Outsourced IT User Tips Mobile Devices Windows Efficiency Email Mobility Saving Money Save Money Telephone Systems Managed IT Server Productivity Ransomware Operating System Hosted Solution Mobile Device Management Quick Tips Apps Virtualization Smartphone Cybercrime Law Enforcement Information Technology Passwords browser Recovery Password Small Business Android Data BDR Money Computers VPN Facebook Unsupported Software Wireless Budget Cybersecurity Social upgrade Hacking BYOD Avoiding Downtime Chrome Health Communication Miscellaneous Office 365 Office tips Private Cloud Social Media Government Cloud Computing USB Save Time Smartphones Data Management Gadgets Risk Management Workplace Tips Microsoft Office Work/Life Balance Google Drive Automation Firewall Telephony Application Alert search App Current Events Managed Service Provider Saving Time Robot HaaS Applications History Office End of Support Computer Care Remote Computing Personal Information Cleaning Phishing Proactive IT Automobile Data Storage Best Practice Users Internet of Things Gmail The Internet of Things Disaster Spam Humor Update Phone System Shortcut Employer-Employee Relationship IT solutions Cost Management DDoS Network Identity Theft Holiday Hacker Samsung Television Flexibility Social Engineering Solid State Drive Internet Exlporer Audit Wireless Technology Streaming Media Compliance WiFi Wi-Fi Mobile Computing Going Green Bandwidth Transportation Antivirus Data Backup Battery Marketing Entertainment Outlook Nanotechnology Running Cable Touchscreen Server 2008 Electronic Medical Records Ali Rowghani Point of Sale Managed IT Service Webinar Trending HIPAA Excel Uninterrupted Power Supply Black Market Root Cause Analysis Artificial Intelligence User Error Laptop Scam Avoid Downtime IT solutions Politics Regulation Shadow IT Augmented Reality Managed IT Services Touchpad server installation dvd "cannot install required files" Reputation stock Employer Employee Relationship Document Management Screen Mirroring Windows 10s Advertising Experience Sync Keyboard Data Breach tweet Computer Accessories Cast Video Games Hard Disk Drive Mobile Device Data storage Adobe Virtual Reality OneNote Emails calculator Administration Twitter Chromecast Data Security Legal Windows 10 control Music Hiring/Firing Sports Encryption Meetings Colocation WSJ Vendor Management HBO Vulnerability Hard Drives SaaS Exchange Analytics Tech Support Benefits Files Instant Messaging Settings Distributed Denial of Service altivista Administrator Worker Commute Lithium-ion battery Data Protection iOS Unified Threat Management SBS Big Data Managing Stress IT Support compaq Relocation Apple Training Access IT Management Scalability Computer Fan Wearable Technology Upgrades Books Education Commerce hp iPhone Company Culture WIndows Server 2008 Router How To Dark Web PDF Consultant domain Smart Technology Data Recovery Value Patch Management Text Messaging Two-factor Authentication remote Content Filtering Yahoo Business Intelligence eWaste

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

No comments yet.