What is a patch?
The term ‘patch’ comes from the very early days of computing, when updates would be issued on paper tape or punch cards, so to apply the update users would literally have to apply a patch to the original material.
Nowadays, we use the term to describe an update that fixes a particular issue, typically a security vulnerability.
Why do we need patches?
Modern software applications can be very complex, which makes it difficult for developers to ensure that every aspect not only works correctly, but is designed in a way that prevents security vulnerabilities.
We should also think about testing. Let’s say, for example, that two people each spend a full 24 hours testing the software for bugs. The software is then launched, and 100 people immediately download it. Within the first hour, the software has already been used for more than double the length of time it was tested for. In other words, the userbase is always going to be quicker to find issues than the developers. And if there’s an issue, it’ll need a patch.
Even if it were possible to launch software that was 100% watertight, the tools cyber criminals use are also evolving, meaning something that is secure today might not be secure tomorrow.
Why is patching important?
When someone in the cybersecurity community finds an issue with software, they let people know about it. They want to raise awareness so that people using the software know it might not be safe, and the developers can start working on a fix for it.
Unfortunately, there’s no way to raise the alarm without also telling cyber criminals how they might exploit the vulnerability.
This means these vulnerabilities could be a lot more than a theoretical problem; there’s every chance that there are attackers out there who know exactly how to exploit them. In other words, you have a ‘KICK ME’ sign hanging on your system, and patching is how you get rid of it.
Do patches take up space?
Not necessarily. Some patches are designed to replace existing files on your computer, and some will add new files. Either way, the files are likely to be so small as to have virtually no impact on your hard disk space. If you are running out of room, there are hundreds of easier ways to free up space than worrying about installing updates.
What happens if I don’t patch?
Well, there are myriad ways in which attackers can exploit a vulnerability, from stealing your data to installing ransomware. This, in turn, can lead to wider issues, like falling foul of data protection laws and damaging your brand, which can come with a hefty cost.
How do I make sure I’m fully patched?
Most applications aren’t shy about telling you that they need an update, so whenever you see an alert that something needs updating, action it as quickly as possible.
But if you’re managing a large organisation, it can be difficult to keep a handle on whose machine needs which updates. For more complex requirements, you might want to look into vulnerability management services, which can detect where the vulnerabilities are and tell you how to fix them, turning a search for a needle in a haystack into a simple checklist.