MERIT Solutions Blog

MERIT Solutions has been serving the Chesapeake area since 1982, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

You Need To Be Familiar With Patching Terminology

You Need To Be Familiar With Patching Terminology

Over the past several months, while watching the news or reading about business and technology, you’ve probably encountered a few words, such as ‘ransomware’ ‘exploit weakness’, and ‘security patch’. These terms are used often, and you may be confused as to what they really mean, and how they relate to you and the security of your business’ data.

In recent months, ransomware attacks like WannaCry and other malware have made headlines, with cyber criminals exploiting weaknesses in networks, application deployments, and operating systems. What is very hard for some people to understand is that often the weaknesses being exploited are known by software developers, who have released security updates known as ‘patches.’

For many small business owners and personal PC users, a better understanding of types of patches, how they work, when they’re released, and how to access them might be all that stands between a hacker and your network. Here are five terms that are associated with the continuous software updates that aim to protect users from data loss or worse.

Patch Tuesday - For those who allow their computer to update and install patches automatically, it might have never really occurred to them that there was a schedule as to when Microsoft released patches. Similar to how new movies are released or video games are launched on specific days of the week, Microsoft releases patches on the second (and sometimes fourth) Tuesday of each month. With newer operating systems and software versions, there might come a time where Patch Tuesday becomes obsolete in favor of a real-time data exchange where software and applications are constantly updated as needed.

Security Patching - This is what most people think of when they think of a patch for a piece of software or an application. It’s a series of data and files that fix or mitigate the threat of a known issue or vulnerability. These are generally what are provided on official patch days, like Patch Tuesday. That is, of course, unless the patch is a zero-day or immediate release, an action usually reserved for major security risks or weaknesses found after they have been exploited.

Hotfix - Sometimes referred to as a ‘Quick-fix Update’ ‘Quick-fix Engineering Update’ or ‘General Distribution Release’, a hotfix is a small patch that fixes a single bug or vulnerability that is significant enough that it should not wait until the next scheduled patch release. Although, Microsoft itself no longer uses the term ‘hotfix’ in an official capacity, the term is still widely used by majority of the industry.

Zero Day Vulnerability - This is a specific type of weakness that is not discovered or disclosed until the hackers are already exploiting it. This is called ‘zero day’ because software developers and advocates have no time - or zero days - to create a patch or develop a work around, leaving both users and developers scrambling to keep data safe.

Whitelisting - As related to malware and ransomware, whitelisting is the process in which a patch or application is declared safe, allowed access to the network, or otherwise approved for a certain network or program. The term ‘whitelist’ comes from the opposite of ‘blacklist’. Made popular during the Cold War, blacklist refers to a list of people or items that are banned, rejected, or labeled in a negative way. Whitelisting was tossed around when so many WannaCry victims had the security patch needed since March. Many establishments were waiting for internal IT departments to test and officially ‘whitelist’ the patch which would allow the installation of the security patch needed to eliminate the vulnerability exploited by the WannaCry ransomware.

Truthfully, there is a lot more to patches than just the five terms above - and the more your business relies on technology the more important proper maintenance of technology - including patches and updates, becomes to your continued success. In the end, working with MERIT Solutions will help you make sure that your business is always properly updated, with pertinent, whitelisted patches. Call us at (757) 420-5150 to learn more.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, July 20 2018

Captcha Image

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Cloud Network Security Business Computing Hackers Malware Software Productivity Internet Hosted Solutions Managed IT Services Backup Business Management Mobile Devices google Computer Disaster Recovery Outsourced IT Microsoft Business IT Support Hardware communications VoIP Business Continuity Windows 10 Innovation IT Services Email Cybersecurity User Tips Efficiency Data Backup Windows Cybercrime Tech Term Saving Money Managed IT Mobile Device Management Data Recovery Server Ransomware Small Business Apps Internet of Things Mobility Operating System Productivity Data browser Law Enforcement Smartphone Office 365 Android Virtualization BDR Telephone Systems Money Save Money Hosted Solution Quick Tips Passwords Phishing Cloud Computing Smartphones Data Security Network Communication IT Support Microsoft Office VPN BYOD Automation Managed Service Provider Password Holiday Information Technology Chrome Recovery Collaboration Facebook Government Hacking Google Drive Avoiding Downtime Two-factor Authentication Wireless Alert Health Update Miscellaneous Vulnerability Gadgets Risk Management Computers Workplace Tips Unsupported Software Social Media Best Practice Data Breach Work/Life Balance upgrade Cost Management Social Budget Wi-Fi Data Management Application App Current Events Audit Tech Support Data Protection Compliance Personal Information User Error Wireless Technology Blockchain Politics Telephony Gmail USB Cleaning Save Time Spam Private Cloud Office tips Applications History Users Identity Theft Remote Computing Managed IT Services Proactive IT Artificial Intelligence Social Engineering Flexibility Shortcut Streaming Media The Internet of Things Router Employer-Employee Relationship Firewall search Antivirus Sports Content Filtering Battery eWaste HaaS Hacker Internet Exlporer Solid State Drive Redundancy Management Automobile Travel Value Commerce iPhone Cortana Mobile Security Saving Time Mobile Computing Patch Management Devices Windows 10 Office Transportation Computer Care Phone System Google Assistant IT solutions Robot Legal Encryption DDoS Wireless Charging Excel Fraud End of Support Data Storage OneNote Television Big Data Networking Apple Disaster Humor Education Project Management Data Loss Vendor Management WiFi SaaS Marketing Going Green MSP Google Docs Samsung Bandwidth Conferencing Content Filter remote Unified Threat Management HBO Webinar Colocation Microsoft Word Students Yahoo Mobile intranet Microsoft Excel Computing Training Remote Monitoring Hard Drives Entertainment Running Cable Files Gifts Monitoring Server 2008 Upgrades Electronic Medical Records IT solutions Point of Sale Administrator Unified Communications Ali Rowghani Lithium-ion battery Professional Services IT budget File Sharing Analysis Company Culture HIPAA Trending Black Market Consultant IT Management Maintenance Safety Windows 10s Smart Technology Nanotechnology Relocation Access Financial Storage App store Avoid Downtime Shadow IT Credit Cards Financial Technology server installation dvd "cannot install required files" WIndows Server 2008 Device Security Hard Disk Drive Root Cause Analysis Document Management Bring Your Own Device stock Tablets Identities PDF Experience FAQ Printing Augmented Reality Hybrid Cloud tweet NFL IoT Lifestyle Identity Business Intelligence Text Messaging Touchscreen Video Games Virtual Reality Charger calculator Outlook Spyware Scam Business Technology Twitter Word Language Legislation Data Privacy control Managed IT Service Music Computer Forensics iOS Employer Employee Relationship Wasting Money WSJ Windows Ink Uninterrupted Power Supply Comparison Hard Drive Exchange Analytics Laptop Instant Messaging Distributed Denial of Service Evernote PowerPoint altivista Regulation Edge Keyboard Computer Fan Virus Computer Accessories Worker Commute Amazon Google Maps Specifications Chromebook SBS Mobile Device Screen Mirroring Touchpad Reputation Managing Stress Wireless Internet compaq Sync Ciminal Dark Web Software as a Service Proactive Meetings Advertising Virtual Assistant Wearable Technology Sales Smart Tech Cast Books Emails Scalability Hiring/Firing Workers Gamification hp Adobe Websites Settings Data storage Alexa for Business How To Retail Connectivity domain Benefits WannaCry Administration Chromecast Updates Memory Licensing Data Theft Monitors Emergency Thank You Congratulations Worker CrashOverride Cache

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Anna Jackson 5 SEO Tools To Get a Google-Eye View of Your Website
15 September 2017
Hello Randall! I was doing very important work but due to your subject I felt better to stay at you...
David Miller Not all project-management tools are right for all businesses
25 August 2017
All the points depicted by you in this blog is v.apt. I love the title of this blog because it says ...