Security Encyclopedia


In information technology, a patch is a modification to a program that improves its security, performance, or other features. A patch is sometimes referred to as a bug fix, since one reason for a patch is an imperfection discovered by the program’s developers or users.

Developers use debugging software to create patches, which can be temporary or permanent. Patching is not foolproof: some patches negatively affect performance or have ripple effects that interrupt features.

Patching software can be part of an application’s lifecycle (its timeline of anticipated changes), or it can be a response to news of a security vulnerability, performance issue, or other defect. Patches can be deployed to proprietary software as binary changes, delivered as executable files (.exe). Patches to source code generally occur in open-source software, and developers are responsible for carrying the update over into their own uses of that software. Patches range in size, but “patch” and “bug fix” are synonymous with a modest change; larger changes are generally referred to as “software updates”. Some enterprise software providers use their own jargon, such as “service pack” (Windows) and “Corrective Service Diskette” or “FixPack” (both IBM).


"When we patched our mobile app to add more authenticators, it inadvertently caused the success screen upon the completion of an authentication to malfunction. Now nothing is displayed even if the authentication succeeds."