What is the process of updating software to fix vulnerabilities called?

Updating software to fix vulnerabilities is patch management. It’s the ongoing process of tracking, acquiring, testing, deploying, and verifying patches and updates across all endpoints and applications. The goal is to remediate security flaws as soon as fixes are released by vendors, reducing exposure and maintaining security posture. Patch management typically includes inventorying software assets, evaluating patch relevance, testing in a controlled environment to avoid compatibility issues, scheduling deployment, and verifying patch installation. This disciplined approach prevents attackers from exploiting known flaws and helps meet compliance requirements. The other terms don’t describe the remediation process. An advanced reporting tool focuses on generating insights and monitoring metrics, not applying fixes. Zero-day attacks refer to exploits that target vulnerabilities that are not yet known or patched, not the act of updating software. Exploits are the actual attack code or techniques used to take advantage of vulnerabilities, not the remediation process.