Maintenance/Patching Flashcards
(11 cards)
What is a software update?
Software updates take an existing piece of code and alter it. Motivations for this include adding and improving functionality, addressing and enhancing a security-related element, and removing bugs that affect how a program operates.
What is patching?
Patches are for newly identified shortcomings or dangers in existing software. They are small pieces of code that only modify the target area without impacting the general function of an application. The code deployed is never perfect. Over time incompatibilities or issues are identified. If the issue is determined to pose an immediate danger to a system then a patch will be issued to address the issue immediately. Later, at a scheduled update, a more permanent solution will be deployed. There are two categories of patches (bug fix and security).
What are the 2 Types of patches?
First, a bug fix patch is when an issue is identified with the code and the patch temporarily covers it. The second type is a security patch. It is when a vulnerability that can be exploited for malicious intent is identified. A security patches then issued to make the software more secure. Patches can be very useful because they either enhance existing software or make it more robust against attack.
What is maintenance?
Maintenance is defined as all the changes made to a code after deployment. This includes all the patches and updates. An update contains security and quality revisions and significant feature additions and changes. Maintenance is done during special maintenance windows and can include a scan for any malware and viruses.
How is a patch implemented?
A hot patch is an alteration to the code that does not require a system reboot. A cold patch requires the system to be rebooted before the update becomes active. Understandably, this can disrupt operations.
What is WannaCry?
In May 2017, a ransomware attack called WannaCry affected millions of computers. This attack exploited a shortcoming of Microsoft devices. It resulted in encryption software being installed on these devices. The information was held for ransom by the attackers. WannaCry is an instance of a zero-day exploit. This is an attack done on a detected unknown floor in a type of software. There’s no prior knowledge of the floor and therefore no defense to fight against it.
What is Petya?
A virus called Petya that exploded the same vulnerability. Computers affected by Petya were systems that were vulnerable because they did not download and install the Microsoft patch.
Pros of patching
It mitigates the risk of infection. Patches are often developed to fix bugs, or other floors in a system that might affect performance. To prevent system crashes and periods of offline activity that would halt productivity.
Cons of patching
Patches can also prevent breaches that expose sensitive data.
Reasons for patches?
It ensures that your system stays compatible with contemporary software, which itself is being updated constantly.
Deterrents for delay of patches
-Offline system takes times
-Changing elements or familiarity
or interface
-Slow/halt other activities
-Break workflow
