Microsoft Update Terminology

5/10/2007

Microsoft updates are classified according to their purpose. The following table details the Microsoft update terminology.

Term Description

Update

A security bulletin that is issued to a wide audience.

Hotfix

A fix that is designed to resolve a specific customer issue. Hotfixes are not released to the public.

QFE (Quick Fix Engineering update)

A fix that is not related to security and is issued to a wide audience.

Microsoft-provided Windows updates are further classified according to their level of urgency. The following table describes these levels.

Rating Description

Critical

Critical vulnerabilities involve exploits that can allow the propagation of a worm or virus without user action.

Important

Important vulnerabilities involve exploits that can result in compromise of the confidentiality, integrity, or availability of user data or processing resources.

Moderate

Exploitability is mitigated to a significant degree by factors such as default configuration, auditing, or difficulty of exploitation.

Low

A vulnerability whose exploitation is extremely difficult, or whose impact is minimal.

Updates for Windows XP Embedded are further classified by how they are deployed. The following table describes these types of updates.

Type Description

Desktop update

An update that is applied directly to a run-time image. For more information, see Desktop Update Overview.

Database update

An update that is applied to the component database. For more information, see Database Update Overview.

For more information about security updates, see the Microsoft Security Web site.

See Also

Other Resources

Run-Time Image Servicing
Manage and Service a Run-Time Image
Deploy a Run-Time Image