Hi. Craig Peterson here with a blink into understanding Upgrades, Updates, and Patches. When/How/Why’s
When vendors become aware of vulnerabilities in their products, they often issue patches to fix those vulnerabilities. Patches tend to be small changes to their software to fix one specific problem, often the problem is a zero-day cybersecurity vulnerability.
Sometimes the problem is too big to issue a quick patch. This is where Updates come in. Usually updates involve fundamental changes in the way the software works, and this is often because of a design flaw in the software.
Upgrades typically are related to new functionality, and although they may have some security improvements, they are not issued just to fix a cybersecurity vulnerability.
Every piece of software needs updates or patches from time-to-time to fix vulnerabilities. Some software, such as Microsoft’s Windows Operating System, can automatically install its own patches. But these updates only apply to the Operating System itself.
Software such as Adobe Reader, Java, and Flash do NOT get updates when Windows updates. In fact, to stay safe, you might want to remove all three pieces of these security-challenged software from all of your computers.
Steps to take:
- Enable automatic software updates on all your software.
- Do not use unsupported End-of-Life software.
- Always visit vendor sites directly rather than clicking on advertisements or email links.
- Avoid software updates while using untrusted networks.