I. Background of Patch Management (cont'd)
- Source Code Patch
Patches can also be circulated in the form of source code modifications and consist of textual differences between two source code files. These types of patches commonly come out of open source projects or shareware, and are published via authors' websites or open source application directory such as sourceforge and codeplex. In this case, authors expect users to compile the new or changed source codes themselves in order to achieve the purpose of functional upgrade or problem fixing.
- Service Pack
Bulky patches or patches that significantly change a program may be distributed as "service packs" or "Software packages". For example, Microsoft Windows NT and its successors (including Windows 2000, Windows XP, and later versions) have issued several service packs.
In several Unix-like systems, particularly Linux, updates between releases are delivered as new software packages. These updates are in the same format as the original installation so they can be used either to update an existing package in-place (effectively patching) or be used directly for new installations.
- Firmware Patch
Firmware patches are used to update the internal control over the hardware devices and consists of bare binary data and a special program that replaces the previous version with the new version provided.
A motherboard BIOS update is an example of a common firmware patch. Installation of firmware patch must be handled with care as any unexpected error or interruption during the update, such as a power outage, may render the hardware unusable.
Most exploits in the wild target known vulnerabilities in software applications and can be mitigated by applying corresponding patches. However, there are customers who have vulnerable applications that have not been updated for almost 10 years.
See the article: http://news.threattrends.com/2010/12/20/have-you-patched-your-system-lately/