Patch (computing)
From Wikipedia, the free encyclopedia
A patch is a small piece of software designed to update or fix problems with a computer program or its supporting data. This includes fixing bugs, replacing graphics and improving the usability or performance. Though meant to fix problems, poorly designed patches can sometimes introduce new problems (see software regressions).
Patch management is the process of using a strategy and plan of what patches should be applied to which systems at a specified time.
Contents |
[edit] Types
Programmers publish and apply patches in various forms. Because proprietary software authors withhold their source code, their patches are distributed as binary executables instead of source. This type of patch modifies the program executable—the program the user actually runs—either by modifying the binary file to include the fixes or by completely replacing it.
Patches can also circulate in the form of source code modifications. In these cases, the patches consist of textual differences between two source code files. These types of patches commonly come out of open source projects. In these cases, developers expect users to compile the new or changed files themselves.
Because the word "patch" carries the connotation of a small fix, large fixes may use different nomenclature. Bulky patches or patches that significantly change a program may circulate as "service packs" or as "software updates". Microsoft Windows NT and its successors (including Windows 2000, Windows XP, and later versions) use the "service pack" terminology.
In several Unix-like systems, particularly Linux, updates between releases are delivered as new software packages. These updates are in the same format as the original installation so they can be used either to update an existing package in-place (effectively patching) or be used directly for new installations.
[edit] History
Applying a patch once involved a tedious, error-fraught process that required end-users to follow an often ill-documented set of procedures. Missing or misapplying a step usually resulted in having to re-install both the application and patch. Today, patch installation generally occurs automatically.
Historically, software suppliers distributed patches on paper tape or on punched cards, expecting the recipient to cut out the indicated part of the original tape (or deck), and patch in (hence the name) the replacement segment. Later patch distributions used magnetic tape. Then, after the invention of removable disk drives, patches came from the software developer via a disk or, later, CD-ROM via mail. Today, with almost ubiquitous Internet access, end-users must download most patches from the developer's web site.
Today, computer programs can often coordinate patches to update a target program. Automation simplifies the end-users' task -- they need only to execute an update program, whereupon that program makes sure that updating the target takes place completely and correctly. Service packs for Microsoft Windows NT and its successors and for many commercial software products adopt such automated strategies.
Some programs can update themselves via the Internet with very little or no intervention on the part of users. The maintenance of server software and of operating systems often takes place in this manner. In situations where system administrators control a number of computers, this sort of automation helps to maintain consistency. The application of security patches commonly occurs in this manner.
[edit] Application
The size of patches may vary from a few kilobytes to hundreds of megabytes — mostly more significant changes imply a larger size, though this also depends on whether the patch includes entire files or only the changed portion(s) of files. In particular, patches can become quite large when the changes add or replace non-program data, such as graphics and sounds files. Such situations commonly occur in the patching of computer games. Compared with the initial installation of software, patches usually do not take long to apply.
In the case of operating systems and computer server software, patches have the particularly important role of fixing security holes. To facilitate updates, operating systems often provide automatic or semi-automatic update facilities.
Completely automatic updates have not succeeded in gaining widespread popularity in corporate computing environments, partly because of the aforementioned glitches, but also because administrators fear that software companies may gain unlimited control over their computers. Package management systems can offer various degrees of patch automation.
Usage of completely automatic updates is far more widespread in the consumer market, due largely to the fact that Microsoft Windows added support for them, and Service Pack 2 of Windows XP enabled them by default.
Cautious users, particularly system administrators, tend to put off applying patches until they can verify the stability of the fixes. Microsoft (W)SUS support this. In the cases of large patches or of significant changes, distributors often limit availability of patches to qualified developers as a beta test.
Applying patches to firmware poses special challenges: re-embedding typically small code sets on hardware devices often involves the provision of totally new program code, rather than simply of differences from the previous version. Often the patch consists of bare binary data and a special program that replaces the previous version with the new version is provided. A motherboard BIOS update is an example of a common firmware patch. Any unexpected error or interruption during the update, such as a power outage, may render the motherboard unusable. It is possible for motherboard manufacturers to put safeguards in place to prevent serious damage. An example safeguard is to keep a backup of the firmware to use in case the primary copy is determined to be corrupt (usually through the use of a checksum, such as a CRC).
[edit] Computer games
Unlike applications such as word processors, patches play a unique role in computer games. Computer games often — almost always today — require patches to fix compatibility problems after their initial release.
Patches may also be released to change game rules or algorithms. These patches may be prompted by the discovery of exploits in the multiplayer game experience that give canny users unfair advantages. Extra features and game play tweaks are also often added. These kinds of patches are especially common in MMORPGs and first-person shooters.
Multiplayer games may reject any users that are not using the same patch version in order to avoid conflicts between versions. This also gives users an incentive to update their versions.
Microsoft released a patch for their Microsoft Flight Simulator after the attacks on New York on September 11, 2001. It removed the World Trade Center from the New York scenery on earlier versions of the simulator, a rare example of a patch released to assuage public sensitivity rather than fix technical problems.
[edit] Tools
There are several tools to aid in the patch application process, such as RTPatch, JUpdater or StableUpdate. WinZip Self-Extractor can launch a program that can apply a patch.
[edit] Patches in software development
Patches sometimes become mandatory to fix problems with libraries or with portions of source code for programs in frequent use or in maintenance. This commonly occurs on very large-scale software projects, but rarely in small-scale development.
In open source projects, the authors commonly receive patches or many people publish patches that fix particular problems or add certain functionality, like support for local languages outside the project's locale. In an example from the early development of the Linux operating system (noted for publishing its complete source code), Linus Torvalds, the original author, received hundreds of thousands of patches from many programmers to apply against his original version.
The Apache HTTP Server originally evolved as a number of patches that a webmaster created to add new features to NCSA HTTPd, hence the name that implies that it is a collection of patches: "a patchy server". The FAQ on the project's official site states that the name 'Apache' was chosen from respect for the Native American Indian tribe of Apache. However, the 'a patchy server' explanation was initially given on the project's website.[1]
[edit] Security patches
If a patch is a piece of data used to update a software product, then a security patch is a change applied to an asset to correct the weakness described by a vulnerability. This corrective action will prevent successful exploitation and remove or mitigate a threat’s capability to exploit a specific vulnerability in an asset.
Security patches are the primary method of fixing security vulnerabilities in software. Currently Microsoft releases their security patches once a month, and other operating systems and software projects have security teams dedicated to releasing the most reliable software patches as soon after a vulnerability announcement as possible. Security patches are closely tied to responsible disclosure.
[edit] Hot patching
Hot patching is a technology that allows patches to be applied without shutting down and restarting the system or the program. This addresses problems related to unavailability of service provided by the system or the program.[2][3]. A patch that can be applied in this way is called a hot patch.