Philippe's blog

Security patches

P.Leclercq in Security    2025-09-21   technology  security tips 

article header image

Automatically apply security patches

In a world where cyber threats evolve rapidly, regularly updating systems is essential to protect your data. Security patches close vulnerabilities exploited by hackers, but applying them manually can be tedious and often overlooked. Automating this process is therefore an effective solution to ensure continuous protection. This is the reason why it is the second recommendation in the Cybersecurity Fundamentals Small, and is present in all the main security frameworks.

It’s true that sometimes an insufficiently tested update can cause problems in specific cases, but this risk is much lower than leaving systems exposed and unupdated.

Operating Systems

Modern operating systems for personal computers (Windows, macOS) or phones and tablets (Android, iOS) are generally configured by default to automatically install updates, or at least download them and notify you when they are ready and prompt you to restart your devices.

Applications

For installed applications, this isn’t always the case.

  • On a phone, if you only use the official app stores (Google Store or Apple App Store), the situation is the same: you can choose to download and install updates automatically, or to be notified and update manually.
  • On a computer, applications aren’t managed by the operating system manufacturer, and the update mechanism is therefore completely dependent on the applications themselves. Some have tools that constantly check for new versions and perform updates automatically and silently (Firefox, for example), others check for updates when they are launched, and others do nothing and rely on manual checks. If you install multiple applications, this can become tedious.

Windows Tools for Automatic Application Updates

There are applications that help update applications in bulk, eliminating the need to launch them individually, perform manual updates, and navigate through various menus during installation.

Patch My PC

Patch My PC is a handy, free tool that can update over 500 applications (2,600 in the paid version). (Furthermore, it is created by an American company, but has roots in Belgium and Europe. See https://patchmypc.com/about-us/).

Download

Log in to Windows with an administrator account. With your browser, go to patchmypc.com.

Patchmypc.com website

In the top menu, choose the Solutions option.

Patchmypc Solutions page

Click on Home Updater, on the right.

Patchmypc Home Updater page

The download will start.

Downloading Patchmypc

Installation

Wait for the download to complete.

Patchmypc download complete

Then, double-click on the downloaded file. PatchMyPC - HomeUpdater.msi. Windows will ask for permission to run the installation.

Patchmypc installer authorization popup

Click OK. The installation can then begin.

Patchmypc installer window

Select the I agree to the license terms and conditions option and click Install.

The installation will begin. At this point, other dialogs may open for the installation of additional packages, such as the .NET runtime or C++ libraries, if they are not already installed. Accept the installations.

Execution

Finally, the application will start. Patch My PC will scan your computer, detect installed applications, and check for available updates. Since it requires administrator rights, an authorization window will first appear.

Patchmypc privileged execution authorization popup

Patchmypc main window with discovered up to date and outdated applications

In this example, it found three installed applications, one of which, WinSCP, is out of date, indicated by a red Outdated button.

Patchmypc button to update outdated applications

Clicking this button will download and update the application immediately.

Patchmypc downloading latest application update

The installation will run silently in the background.

Patchmypc after application update

Automation

You can schedule Patch My PC to run automatically at regular intervals.

In the left column, click Scheduler.

Patchmypc scheduler activation page

Click On. The scheduling settings appear. You can choose the day, time, and frequency of execution (daily, weekly, monthly), and whether to allow the schedule to run even if you’re not logged in.

Patchmypc scheduler page

After configuring the settings, don’t forget to click Save Schedule.

Winget

For those who aren’t afraid of the command line, the utility winget, installed by default since recent versions of Windows 10, is a very handy and lightweight tool for updating installed programs.

  • winget list lists installed programs, including Windows applications.
  • winget upgrade lists programs for which an update is available.
  • winget upgrade <component> updates the component.

Example:

C:\users\plc>winget list
...................................................................
Name                                 Id                                    Version           Available           Source
-----------------------------------------------------------------------------------------------------------------------
Mozilla Firefox (x64 en-US)          Mozilla.Firefox                       142.0.1           143.0.1             winget
Mozilla Maintenance Service          ARP\Machine\X64\MozillaMaintenanceSe… 142.0
VLC media player                     ARP\Machine\X64\VLC media player      3.0.21
Patch My PC Home Updater             PatchMyPC.PatchMyPC                   5.3.0.0                               winget
QEMU guest agent                     SoftwareFreedomConservancy.QEMUGuest… 109.1.0                               winget
Virtio-win-driver-installer          ARP\Machine\X64\{B198BE6B-4EB7-4771-… 0.1.271
Microsoft Edge                       Microsoft.Edge                        140.0.3485.66     140.0.3485.81       winget
WinSCP 6.3.7                         WinSCP.WinSCP                         6.3.7             6.5.3               winget
Microsoft Windows Desktop Runtime -… Microsoft.DotNet.DesktopRuntime.8     8.0.18            8.0.20              winget
...

C:\Users\plc>winget upgrade
...................................................................
Name                                         Id                                Version       Available           Source
-----------------------------------------------------------------------------------------------------------------------
Mozilla Firefox (x64 en-US)                  Mozilla.Firefox                   142.0.1       143.0.1             winget
Microsoft Edge                               Microsoft.Edge                    140.0.3485.66 140.0.3485.81       winget
WinSCP 6.3.7                                 WinSCP.WinSCP                     6.3.7         6.5.3               winget
Microsoft Windows Desktop Runtime - 8.0.18 … Microsoft.DotNet.DesktopRuntime.8 8.0.18        8.0.20              winget
Microsoft Teams                              Microsoft.Teams                   1.0.0.0       25241.203.3947.4411 winget
Windows Terminal                             Microsoft.WindowsTerminal         1.22.12111.0  1.23.12371.0        winget
6 upgrades available.

C:\Users\plc>winget upgrade winscp
..................................................................
Found WinSCP [WinSCP.WinSCP] Version 6.5.3
This application is licensed to you by its owner.
Microsoft is not responsible for, nor does it grant any licenses to, third-party packages.
Downloading https://sourceforge.net/projects/winscp/files/WinSCP/6.5.3/WinSCP-6.5.3-Setup.exe/download
  ██████████████████████████████  11.6 MB / 11.6 MB
Successfully verified installer hash
Starting package install...
The installer will request to run as administrator. Expect a prompt.

Successfully installed

Conclusion

Update your devices regularly. Opt for automatic updates when they are available, and use tools to save time when they are not.

Tags technology  security tips 
Home   Top