The patch is part of software designed to update a computer program or its supporting data to correct or update it, including the fix:
- security vulnerabilities,
- addition of features,
- improve performance.
Without the patch, a system can have a loophole for malware.
Regular patch is done by turning on automatic updates on your operating system or software, so it can be installed after the patch was released by the vendor. However, the automatic update mechanism is something that is a problem within the company. IT administrators must perform the assessment of the impact of doing the patch against the existing system.
Although it aims to improve the program, patches sometimes bring new problems such as disruption of other functions. Patch management is the process of using the plans and strategies for choosing a patch of what will be used against what system at any given time.
Patch Management Tool
There are two types of patch management tool that is
- ISV vendors
- third party tool
ISV vendors has his own way to update the software. Examples of ISV vendors i.e. Windows server update service (WSUS) and Red Hat Network (RHN).
Third party examples are Tivoli Endpoint Manager (BigFIx), Vmware Update Manager. This tool provides schedulling and deployment of patches. However it still requires human intervention for the patch management process.
Pacth Management Process Workflow
In the notification, the availability of the patch detected either through a subscription to a notification system to the vendor and check the manual.
All those system administrators, support team, the application owner, the customer, are informed about the new patch. What system, time, and exceptions specified in the application of the patch.
Deployment and post deployment
The actions that need to be done on the previous stage, executed at this stage.