Updates are an essential part of IT’s lifecycle. Sometimes they fix security issues. Other times they fix bugs or add new features. Although we like to believe that things will run themselves, especially in cloud environments, it is important to keep them updated. It is important to understand the impact of these updates when designing an environment. This is the main focus of CompTIA’s Cloud+ certification exam.
1. Hotfix: Quickly fix a rare or edge case bug
Hotfixes are usually updates to fix specific issues. These hotfixes are often created by vendors to provide an interim solution until the next cumulative update. They are often applied live to running or hot systems. These hotfixes can be released outside of regular release cycles due to the nature of the issue. Microsoft releases patches every Tuesday, but hotfixes can be released outside of that window. They could then be included in the next patching cycle.
Hotfix deployment can pose risks. When deciding whether to deploy a hotfix, a systems administrator must weigh the benefits and risks. Although a hotfix may be available, the risk to the business may be too high. Therefore, a systems administrator may choose to wait before deploying.
2. Patch: Keep things up-to-date and secure
Although a patch may look similar to a hotfix in some ways, it is actually a patch that updates or modifies an item being updated. Instead of replacing an entire file, patches only the sections that need to be updated. This can be very similar in nature to a hotfix, except that it usually follows a defined release cycle. Vendors will release the patch in the next patching cycle if there is not an immediate need or significant impact on the issue it is fixing.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Get started training. There are pros and cons to patching. Although it can take a while for a patched to be released, it is much more time-consuming and well-controlled. Hotfixes may have unintended side effects due to their “quick and dirty” nature. While patches are being developed, they will likely follow standard release engineering that includes regression testing and quality assurance. Once hotfixes are thoroughly tested, they often make it into the patch release cycle.
3. Version Update: Major Bug Fixes and New Features
Version updates can be applied to many things. For example, for a Platform-as-a-Service offering using Java, there may be a Java version update from 1.7 to 1.8. A version update is simply an update that causes the version number increase. Some operating systems allow for in-place updates. Linux is generally very good about this. Minor and, in some cases, major version upgrades are possible.
It is important to review the release notes before you perform any version update. Features and functionality can change. Bugs are often fixed. However, bugs are often fixed. Sometimes features may be removed or made unavailable due to major version changes. In other cases, new features might be implemented.
OpenSSL 2.0 has new TLS suites, ciphers, and ciphers. Older, less secure suites and ciphers, however, are deprecated and removed over time. This can have an impact on the ability to conduct TLS negotiations. It is important to be aware of potential effects.
4. Rollback: A Backup Plan in the Event of an Unexpected Event
Updates have some risk. Some are known while others are not. A rollback procedure or process can be used to reduce these risks. There are many rollback options available, especially in cloud environments. A rollback procedure should be included in every update plan. Sometimes it is uninstalling the latest update.
Other platforms offer a rollback option for abusing one of the abs