Security+ Objective 1.3 Implement OS hardening practices and procedures to achieve workstation and server security – patches

patchA patch is similar to a hotfix but differs in two main ways.  First, a patch is typically larger than a hotfix.  Second, a patch is less urgent and thus more thoroughly tested than a hotfix.  A vendor patch may be released to fix a single security issue that has been discovered in their software.  If a system is missing many vendor patches, there are probably many security vulnerabilities that can be exploited.

Another important note regarding patches concerns virtualization.  Each virtual computer and the virtual host machine must all be patched individually.

You should also know that, despite vendor testing, there are innumerable scenarios that patches are introduced into.  The vendor can’t possibly test absolutely every situation that could be encountered out in the wild world.  Before you install a patch to your production environment, you should test it to verify that it doesn’t cause application errors in your systems.

Hotfixes and service packs each have their own unique features that differentiate them from patches.  Make sure you know the difference.

Go back to the Exam Objectives list

Be Sociable, Share!


There are no comments yet...Kick things off by filling out the form below.

Leave a Comment