Why Software Vendors Periodically Release Updates and Patches

The first bug in an application is usually the most difficult, and it does NOT do everything that needs to be done for you. That’s just plain wrong. Yes, they have a better understanding of how and where a particular vulnerability occurs, and they can probably fix it before the public. However, if you’re at a network function (the shared domain controller, mainframe, or the myriad of servers running Windows Server), you need to have that patch. It’s not something to worry about when playing on new casino sites, unless you use the app and are periodically prompted to complete updates. That’s why they can’t let those bugs go any longer, if there’s a fix, they’re going to bring it out.

Your mileage may vary, but I have developed some software patches that had bugs that were so tiny that the application did not crash. Unfortunately, I had the solution available, I knew the application, and so I applied the patch (same as you do when applying security updates), and I knew it would make no difference. The application didn’t crash. If I had installed the application, the server ran at maximum load, and I would have had the same results.

If you don’t update your software patches, the vulnerability exists to the world. No matter how much you increase the security of your product, your users will find a way to exploit it.

Oftentimes, we make decisions with the assumption that everything will remain static. What do you mean, you’re using this software to process a transaction? Well, then, you know it’s going to be static for the next couple of months, right?

You must update your software whenever you have a security patch available. If you don’t update, someone could potentially use the vulnerability to gain access to your network.

Over the past few years, I have given out security patches, and I can tell you that if I didn’t give it out, someone else did. The best part is that I wouldn’t have been able to see who it was. All I would have done is find out a week later what happened. In my case, there was a denial of service attack at a server in the Ukraine, and the security team there had to work around the patch. In some cases, the patch actually made it worse. Sometimes I have to search for an obscure bug (I always hope it won’t be security related, so it’s unlikely it will be security related), and I have to take the patch out.

Security patch releases are not quick. They are not instant. However, I can assure you that even if you’re using the latest version of Windows, it won’t be flawless. Over the years, I’ve watched people install security patches, and I can tell you that at least 3-4 times, it works just fine for a couple of months. Then, inevitably, it will not work. I know that it will work, because I created it. It works because of my security patch. I bet you can think of some security patches that don’t work.

As the end of the year approaches, I have a recommendation for you. If you find security patches, install them. If you find security patches that make the product slower, slower. If it doesn’t work, you can take it out. That’s what I want you to do.

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *

Share This

Share this post with your fellow geeks