Hotfix

Last updated

A hotfix or quick-fix engineering update (QFE update) is a single, cumulative package that includes information (often in the form of one or more files) that is used to address a problem in a software product (i.e., a software bug). [1] Typically, hotfixes are made to address a specific customer situation.

Contents

The term "hotfix" originally referred to software patches that were applied to "hot" systems: those which are live, currently running, and in production status rather than development status. For the developer, a hotfix implies that the change may have been made quickly and outside normal development and testing processes. This could increase the cost of the fix by requiring rapid development, overtime or other urgent measures. For the user, the hotfix could be considered riskier or less likely to resolve the problem. This could cause an immediate loss of services, so depending on the severity of the bug, it may be desirable to delay a hotfix. The risk of applying the hotfix must be weighed against the risk of not applying it, because the problem to be fixed might be so critical that it could be considered more important than a potential loss of service (e.g., a major security breach).

Similar use of the terms can be seen in hot-swappable disk drives. The more recent usage of the term is likely due to software vendors making a distinction between a hotfix and a patch.

Details

A hotfix package might contain several "encompassed" bug fixes, raising the risk of possible regression. An encompassed bug fix is a software bug fix that is not the main objective of a software patch, but rather the side effect of it. Because of this, some libraries for automatic updates like StableUpdate also offer features to uninstall the applied fixes if necessary.

Most modern operating systems and many stand-alone programs offer the capability to download and apply fixes automatically. Instead of creating this feature from scratch, the developer may choose to use a proprietary (like RTPatch) or open-source (like StableUpdate and JUpdater) package that provides the needed libraries and tools.

There are also a number of third-party software programs to aid in the installation of hotfixes to multiple machines at the same time. These software products also help the administrator by creating a list of hotfixes already installed on multiple machines.

Vendor-specific definition

Microsoft

Microsoft Corporation once used the terms "hotfix" or "QFE" [2] [3] but has stopped in favor of new terminology: updates are either delivered in the General Distribution Release (GDR) channel or the Limited Distribution Release (LDR) channel. The latter is synonymous with QFE. GDR updates receive extensive testing whereas LDR updates are meant to fix a certain problem in a small area and are not released to the general public. GDR updates may be received from the Windows Update service or the Microsoft Download Center but LDR updates must be received via Microsoft Support. [4] [5]

Blizzard

The game company Blizzard Entertainment has a different use of the term hotfix for their games, including World of Warcraft and Diablo III : [6]

A hotfix is a change made to the game deemed critical enough that it cannot be held off until a regular content patch. Hotfixes require only a server-side change with no download and can be implemented with no downtime, or a short restart of the realms.

See also

Related Research Articles

<span class="mw-page-title-main">Windows XP</span> Sixth major release of Windows NT, released in 2001

Windows XP is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Windows 2000 for high-end and business users and Windows Me for home users, and is available for any devices running Windows NT 4.0, Windows 98, Windows 2000, or Windows Me that meet the new Windows XP system requirements.

<span class="mw-page-title-main">Windows Update</span> Software update distribution service for Microsoft Windows

Windows Update is a Microsoft service for the Windows 9x and Windows NT families of the Microsoft Windows operating system, which automates downloading and installing Microsoft Windows software updates over the Internet. The service delivers software updates for Windows, as well as the various Microsoft antivirus products, including Windows Defender and Microsoft Security Essentials. Since its inception, Microsoft has introduced two extensions of the service: Microsoft Update and Windows Update for Business. The former expands the core service to include other Microsoft products, such as Microsoft Office and Microsoft Expression Studio. The latter is available to business editions of Windows 10 and permits postponing updates or receiving updates only after they have undergone rigorous testing.

Virtual PC is an x86 emulator for PowerPC Mac hosts and a virtualization app for Microsoft Windows hosts. It was created by Connectix in 1997 and acquired by Microsoft in 2003. The Mac version was discontinued in 2006 following the Mac transition to Intel, while the Windows version was discontinued in 2011 in favour of Hyper-V.

IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.

<span class="mw-page-title-main">Service pack</span> Single installable package of software updates

In computing, a service pack comprises a collection of updates, fixes, or enhancements to a software program delivered in the form of a single installable package. Companies often release a service pack when the number of individual patches to a given program reaches a certain (arbitrary) limit, or the software release has shown to be stabilized with a limited number of remaining issues based on users' feedback and bug reports. In large software applications such as office suites, operating systems, database software, or network management, it is not uncommon to have a service pack issued within the first year or two of a product's release. Installing a service pack is easier and less error-prone than installing many individual patches, even more so when updating multiple computers over a network, where service packs are common.

A patch is a set of changes to a computer program or its supporting data designed to update, fix, or improve it. This includes fixing security vulnerabilities and other bugs, with such patches usually being called bugfixes or bug fixes. Patches are often written to improve the functionality, usability, or performance of a program. The majority of patches are provided by software vendors for operating system and application updates.

Patch Tuesday is an unofficial term used to refer to when Microsoft, Adobe, Oracle and others regularly release software patches for their software products. It is widely referred to in this way by the industry. Microsoft formalized Patch Tuesday in October 2003. Patch Tuesday is known within Microsoft also as the "B" release, to distinguish it from the "C" and "D" releases that occur in the third and fourth weeks of the month, respectively.

<span class="mw-page-title-main">Windows Vista</span> Seventh major release of Windows NT

Windows Vista is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on November 8, 2006, and became generally available on January 30, 2007, on the Windows Marketplace, the first release of Windows to be made available through a digital distribution platform. Vista succeeded Windows XP (2001); at the time, the five-year gap between the two was the longest time span between successive Windows releases.

<span class="mw-page-title-main">Windows Server Update Services</span> Update distribution system for Windows Server

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program and network service developed by Microsoft Corporation that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then distributes them to computers on a network. WSUS is an integral component of Windows Server.

<span class="mw-page-title-main">AutoPatcher</span> Offline updater

AutoPatcher is an offline updater and alternative to Microsoft Update that can be used for installing software patches, service packs and other updates for certain Microsoft Windows systems. It allows these to be downloaded on a different machine or in advance, and then installed without an internet connection. By doing this, system updates can be automated and scripted, time and bandwidth required to download relevant updates is reduced, and exposure of unsecured systems online can be avoided. AutoPatcher also allows installation of some common additional software, registry settings, and patches for other Microsoft software, notably Microsoft Office.

The Windows Metafile vulnerability—also called the Metafile Image Code Execution and abbreviated MICE—is a security vulnerability in the way some versions of the Microsoft Windows operating system handled images in the Windows Metafile format. It permits arbitrary code to be executed on affected computers without the permission of their users. It was discovered on December 27, 2005, and the first reports of affected computers were announced within 24 hours. Microsoft released a high-priority update to eliminate this vulnerability via Windows Update on January 5, 2006. Attacks using this vulnerability are known as WMF exploits.

Windows Filtering Platform (WFP) is a set of system services in Windows Vista and later that allows Windows software to process and filter network traffic. Microsoft intended WFP for use by firewalls, antimalware software, and parental controls apps. Additionally, WFP is used to implement NAT and to store IPSec policy configuration.

<span class="mw-page-title-main">Windows Essentials</span> Microsoft freeware applications suite by Microsoft

Windows Essentials is a discontinued suite of Microsoft freeware applications that includes email, instant messaging, photo sharing, blogging, and parental control software. Essentials programs are designed to integrate well with each other, with Microsoft Windows, and other Microsoft web-based services such as OneDrive and Outlook.com.

<span class="mw-page-title-main">Windows Server 2008 R2</span> Fifth version of Windows Server, released in 2009

Windows Server 2008 R2, codenamed "Windows Server 7", is the fifth version of the Windows Server operating system produced by Microsoft and released as part of the Windows NT family of operating systems. It was released to manufacturing on July 22, 2009, and became generally available on October 22, 2009, shortly after the completion of Windows 7. It is the successor to Windows Server 2008, which is derived from the Windows Vista codebase, released the previous year, and was succeeded by the Windows 8-based Windows Server 2012.

Oracle VM Server for x86 is the server virtualization offering from Oracle Corporation. Oracle VM Server for x86 incorporates the free and open-source Xen hypervisor technology, supports Windows, Linux, and Solaris guests and includes an integrated Web based management console. Oracle VM Server for x86 features fully tested and certified Oracle Applications stack in an enterprise virtualization environment.

Shavlik Technologies was a privately held company founded in 1993 by Mark Shavlik, who was one of the original developers of Windows NT in the late 1980s and early 1990s at Microsoft.

Long-term support (LTS) is a product lifecycle management policy in which a stable release of computer software is maintained for a longer period of time than the standard edition. The term is typically reserved for open-source software, where it describes a software edition that is supported for months or years longer than the software's standard edition.

Project Zero is a team of security analysts employed by Google tasked with finding zero-day vulnerabilities. It was announced on 15 July 2014.

JASBUG is a security bug disclosed in February 2015 and affecting core components of the Microsoft Windows Operating System. The vulnerability dated back to 2000 and affected all supported editions of Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.

<span class="mw-page-title-main">BlueKeep</span> Windows security hole

BlueKeep is a security vulnerability that was discovered in Microsoft's Remote Desktop Protocol (RDP) implementation, which allows for the possibility of remote code execution.

References

  1. Bragg, Roberta (2003). "5: Designing a Security Update Infrastructure". MCSE Self-Paced Training Kit (Exam 70–298): Designing Security for a Microsoft Windows Server 2003 Network . Redmond, WA: Microsoft Press. p. 5–12. ISBN   0735619697.
  2. Mu, Chris (26 December 2007). "Something about Hotfix". HotBlog. Microsoft. Retrieved 8 November 2012.
  3. "Description of the contents of Windows XP Service Pack 2 and Windows Server 2003 software update packages (revision 11.1)". Support. Microsoft. 16 January 2008. Retrieved 8 November 2012.
  4. "What is the difference between general distribution and limited distribution releases?". MSDN Blogs. Microsoft. 11 March 2008. Retrieved 8 November 2012.
  5. Adams, Paul (14 May 2009). "GDR, QFE, LDR... WTH?". TechNet Blogs. Microsoft. Retrieved 8 November 2012.
  6. "WoW -> Info -> F.A.Q. -> Patches". November 1, 2009.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.