Virtually any non-trivial computer system includes a data backup and data recovery sub-system. A backup saves files as they exist at the time the backup is made. Backups serve many purposes, including file restoration in the event of accidental deletion or corruption, or for disaster recovery or compliance purposes.
One typical use of backups is to save operating system and application executable files and data. It is common for operating system and application files to be updated after their initial release by a vendor. These updates are referred to as patches. A patch is an update to one or more files of an operating system or application. The patch may serve various purposes, including providing fixes to errors in the software, or providing fixes to potential security vulnerabilities that leave a system open to attack. Such security vulnerabilities are sometimes referred to as security holes, in that they provide an opening for an attacker to attempt to exploit the vulnerability to gain control of the system or to take potentially sensitive information from the system. Because a backup saves files as they exist at the time the backup is made, patches that are released for application after the backup is made are not included in the backup. A subsequent restore of a file that has had a patch released after the backup was made will not include the patch, and will thus be vulnerable to any attacks that may have been cured by the patch.