John R. Hines’ Basic Computer Security for
Mere Mortals
How to have the most computer security with the least effort when you
don't have quick access to a computer security professional
John R. Hines Net+ Certified, Security+ Certified, Consulting Security
Engineer, LLC
Oholiab's first law of security (Murphy's first law of planning): The
important things are simple.
Oholiab's second law of security (Murphy's second law of planning): The
simple things are very hard.
Oholiab's comment on the laws of security: Simple and easy are not the same
thing! Fools do not know that.
Copyright © Consulting Security Engineer LLC. All rights reserved. 2016
ISBN N/A Version 1.2.2.2017090582300

Table of contents
Revision History
Security
What about security?
What is security?
What is computer security?
Is security a new problem?

What is in these notes?
What about measures?
What is a measure?
What is a low-reward measure?
What is a reasonable measure?
What is an unreasonable measure?

Feedback
What different about this series?


Section I: Simple measures to secure Windows 7, 8, and 8.1
Default problem #1: It is possible to enable the Administrator user
account
What is Administrator (The Administrator) (The one-and-only-real
Administrator)?
Mistake #1A: Failing to disable the Administrator user account
Mistake #1B: Using the Admin account instead of your adminequivalent account
Default problem #2: Windows doesn't force you to install hotfixes,
patches, and updates
What is a hotfix?
What is a patch?
What's an exploit?
What is an update?
What is an upgrade?
Mistake #2A: Using IE 8 (Internet Explorer 8) (or earlier) to download
patches
Mistake #2B: Not downloading and installing updates and upgrades for
non-Microsoft software
Mistake #2C: Downloading and installing software you don't plan to
use often
Mistake #2D: Downloading software from sites not closely associated
with the software
Default problem #3: Not all Windows versions automatically download
and install hotfixes, patches and updates for you (if you've turned off auto
update)
Default problem #4: Windows never automatically updates nonMicrosoft applications (even if auto update has been turned on)

Default problem #5: You choose your own user ID (user name) (user
identity)
Mistake #5A: Using PI in your user ID
Mistake #5B: Using company information in your user ID


Mistake #5C: Failure to store your user IDs (and passwords) (and pins)
in a SECURE place.
Mistake #5D: Storing your user IDs (and passwords) near your
computer.
Default problem #6: Windows doesn't create a standard user-equivalent
identity for you
Mistake #6A: See Mistake #5A
Mistake #6B: See Mistake #5B.
Mistake #6C: Failure to use standard user-equivalent identity unless
you need admin-equivalent privileges.
Mistake #6D: Creating a generic "convenience" identity to "simplify"
Default problem #7: Windows 7, 8, or 8.1 does not require strong
(enough) passwords
Mistake #7A: See Mistake #5A
Mistake #7B: See Mistake #5B
Default problem #8: Windows 7, 8. and 8.1 do not force you to turn on
account lockout
Mistake #8A: Leaving your PC turned on overnight and over
weekends.
Default problem #9: Some versions of Windows 7, 8. and 8.1
automatically install Windows Defender
What is antimalware (AM) (anti-malware)?
Mistake #9A: Failure to keep antimalware software current.
Default problem #10: Some versions of Windows 7, 8, and 8.1

automatically enable a default "Guest" account
What is a guest (guest account)?

Section II: Simple measures to secure Windows 10
What simple reasonable measure will improve your security on Windows
XP, Windows 7, Windows 8 or Windows 8.1?
What simple reasonable measures will improve your security on Windows
10?
Default problem #1: It is possible to enable the Administrator user


account
What is Administrator (The Administrator) (The one-and-only-real
Administrator)?
Mistake #1A: Failing to disable the Administrator user account
Default problem #2: Windows 10 allows you to turn off automatic
updating
Default problem #3: Windows never automatically updates nonMicrosoft apps (even if auto update has been turned on)
What is a bug fix (fix)?
What is a patch?
What's an exploit?
What is an update?
What is an upgrade?
Mistake #3A: Failing to check for patches and updates for nonMicrosoft software
Default problem #4: You choose your own user ID (user name) (user
identity)
Mistake 4A: Using PI in your user ID
Mistake #4B: Using company information in your user id
Mistake #4C: Failure to store your user IDs (and passwords) in a
SECURE place.

Mistake #4D: Storing your user IDs (and passwords) near your
computer.
Default problem #5: Windows 10 doesn't automatically create a standard
user-equivalent user ID (user identity) for you
Mistake #5A: Failure to create a standard user-equivalent user ID for
every user who has an admin-equivalent ID
Mistake #5B: See Mistake #4A
Mistake #5C: See Mistake #4B
Mistake #5D: See Mistake #4C
Mistake #5E: See Mistake #4D
Mistake #5F: Failure to use standard user-equivalent identity unless


you need admin-equivalent privileges.
Mistake #5G: Creating generic "convenience" identities to "simplify"
Default problem #6: Windows 10 does not require strong (enough)
passwords
Default problem #7: Windows 10 does not automatically turn on account
lockout
Mistake #7A: Leaving your PC turned on overnight and over
weekends.
Default problem #8: Windows 10 automatically installs Windows
Defender
What is antimalware (AM) (anti-malware)?
Mistake #8A: Failure to keep anti-malware software current

Section III: Simple measures to secure your router
What about routers?
What is a router?
What is a firewall (hardware firewall)?

What is a wireless router?
What is a wired router (hard-wired router)?
What is router firmware?
What is "flashing the ROM"?
What simple reasonable measures will improve your router security?
Default problem #1: Router firmware (software in hardware) is typically
out of date before you buy it.
What is a zero-day attack (zero-day exploit)?
What is an attacker?
Mistake #1A: Buying a bargain router.
Default problem #2: The default password is written on the side of the
router.
What's a dictionary password attack?
What's a strong password?
Mistake #2A: Not saving the changed password in a secure place.


Default problem #3: Most router hacks come from WIFI issues, not from
cable issues.
Default problem #4: WIFI networks should always use WPA2
encryption.
Mistake #4A: Using WEP encryption on your router.
Mistake #4B: Having no encryption on your router.
Default problem #5: WIFI name and passwords defaults are often chosen
to simplify installation, not to secure the router.
Mistake #5A: Not saving the changed WIFI name and password
(passwords) in a secure place.
Default problem #6: WIFI signals should not go (too far) beyond your
office.
What is war driving?

What is war flying?
Mistake #6A: Buying a large area router for a small office.

Section IV: Simple measures to secure your network
Why care about networks?
What is a cable modem?
What is the internet (public network)?
What is an intranet (private network)?
What is WIFI (Wi-Fi) (Wifi) (WiFi) (wireless networking) (unbounded
media)?
What is wired (hard-wired) (direct wired)?
What do these notes assume you've already done?
What simple reasonable measures will improve security on your intranet?
Measure #1: Have two routers: one for business use and one for all other
uses
Mistake #1A: Not moving computers that do both business and nonbusiness to the risky intranet
Mistake #1B: Not moving friends, family and visitors to WIFI
associated with the risky intranet


Mistake #1C: Telling friends, family, and visitors that you've put them
on the risky intranet
Measure #2: Have at least one old slow network computer for nonbusiness (and for friends and family) use
Mistake #2A: Not placing this computer on a less secure intranet (the
risky intranet, if you have one)
Measure #3: Shutdown the business (secure) router when no one is the
office
What is a zombie (member of a botnet)?
Mistake #3A: Letting your business computers participate in zombie
herds (botnets) when you're not in the office

Measure #4: Shutdown the risky (insecure) router when no one should be
on the internet
Mistake #4A: Letting your recreational computers participate in zombie
herds while everyone sleeps
Mistake #4B: Letting others (mostly, your children) run wild on the
internet while you sleep
Measure #5: Do a quick walk about every quarter (when the season
changes) (when TV switches to a different major sport)
What is an AUP (Acceptable Use Policy) (fair use policy)?
Mistake #5A: Failing to write a brief AUP
Measure #6: Do a quick audit of all computers about every quarter (when
the season changes) (when TV switches to a different major sport)
What is an admin-equivalent (admin-equivalent user)?
What is a Guest (Guest account)?
What is a standard user?
Mistake #6A: Allowing your users to manage their computers

Section V: Simple measures to secure your browser
What about browsers?
What is a browser?
What is an html browser (browser)?
What is HTML?


What is hypertext?
What is SGML (Standardized Generalized Markup Language)?
What are common browsers (html browsers) for Windows?
What is a TOR browser?
What is anonymize (verb)?
What is the dark web?

What is the deep web?
What is Tor (the onion router)?
What is TOR (Tor Project)?
What simple measures will improve browser security?
Measure #1: Keep your browser current
What is an exploit?
What is an update?
What is an upgrade?
Mistake #1A: Downloading an upgrade from a site not closely
associated with the company that develops your browser.
Measure #2: Browse as a standard user, not as a privileged user.
What is a privileged user?
What is a standard user?
Mistake #2A: Your standard user ID (user name) gives away PI
Mistake #2B: Your standard user password gives away PI
Measure #3: Go (mostly) to websites that have good security for users
Mistake #3A: Going to small websites with no obvious source of
support
Measure #4: Use antimalware that tracks sites with bad reputations
Measure #5: Immediately erase browser history of visits to sites where
you have entered PI
Measure #6: Never click on a website link before you see where it will
go
What is a rogue link?
What is hovering over a link?


Measure #7: Never go to a website if you wouldn't want everyone to
know that you’ve gone there
Mistake #7A: Going to an edgy (seedy) (salacious) website from your

good computer
What is NSFW (Not Suitable For Work)?
Mistake #7B: Failing to erase browser history after you've gone to a
questionable website
Measure #8: Never walk away from a computer without exiting from the
browser then logging out
Mistake #8A: Not having a screensaver that requires a password and
has a short trigger (time until it activates)
Measure #9: Almost never use a browser on a shared computer
Mistake #9A: See Mistake #7B
Measure #10: Do not attempt to surveil or collect PI belonging other
adults or the minor children of other adults
Mistake#10A: Looking at browser history on a shared computer or a
computer that isn’t yours
Mistake #10B: Surveilling someone without having a plausible noncomputer-related explanation for how you know what you shouldn't
know
Mistake #10C: Install a keyboard logger or other software to collect
information
Measure #11: Never allow someone to use on your personal computer for
any purpose

Section VI: Simple measures to secure your smartphone and tablet
What about phones and tablets?
What is a mobile (mobile device) (handheld computer) (handheld)?
What is a phone (wireless phone)?
What is cellular connectivity?
What is WIFI connectivity to the Internet?
What is a smartphone (Smart phone) (phone)?
What is direct manipulation?



What is a tablet?
What is a PIN (Personal identification number)?
What is Android?
What is Bluetooth?
What is Bluebugging?
What is Bluejacking (Blue jacking)?
What is Bluesnarfing?
What is iOS (iPhone OS) (not IOS)?
What is NFC (Near field) (Near field communication) (Near-field
communications)?
What simple reasonable measures will improve your phone and tablet
security?
Default problem #1: There is no definition of a "strong" PIN
What is a bad PIN?
Mistake #1A: Failure to save your PIN in a SECURE place.
Mistake #1B: Writing your PIN on the back of your phone or tablet.
Default problem #2: You must agree to an upgrade
What's a bug fix?
What’s a security fix?
Default problem #3: No antimalware on your phone or tablet
What is antimalware?
Mistake 3A: Failing to renew your antimalware database subscription
Default problem #4: No built-in backup for your phone and/or tablet
Mistake 4A: Using a non-secure remote backup.
Default problem #5: Bluetooth discovery mode is on
Default problem #6: NFC is on
What is NFC (Near field) (Near field communication) (Near-field
communications)?
Default problem #7: You can go wherever you want on the Internet


Section VII: Simple measures to secure your email


What about email?
What is email (Electronic Mail)?
What is a mail service?
What is an email document (eMail document) (email) (noun)?
What is MIME (Multi-Purpose Internet Mail Extensions)?
What is an email server?
What is a virtual post office?
What is clientmail (client-based email)?
What is email retention?
What is inbox management?
What is inbox zero?
What is webmail (web-based email)?
What about email security?
What is email security (eMail security)?
What is data at rest?
What is data in motion?
What is email tracking (eMail tracking)?
What is spam (Unsolicited Commercial Email) (UCE) (noun)?
What is spam (electronic spam) (verb)?
What simple things will improve email security?
Measure #1: Be skeptical of everything in every email
What is a con?
What is cui bono (who benefits)?
What is TANSTAAFL?
Measure #2: Use a business mail service account for serious email
Mistake #2A: Using a mail service that cancels accounts for reasons

other than failure to pay for your monthly charges, sending malware, or
sending spam
Mistake #2B: Using a mail service that doesn't actively search for
malware in emails


Mistake #2C: Using a mail service that doesn't actively filter out spam
Mistake #2D: Opening an email in your serious account because the
header is "prurient".
Mistake #2E: Opening an attachment to an email that is not addressed
to you personally
Mistake #2F: Opening an executable attachment to an email
Mistake #2G: Replying to an email that requests PI
Mistake #2H: Clicking on a link before evaluating where it goes
Mistake #2I: Opening an attachment on an email that has really bad
grammar or really bad spelling
Measure #3: Keep your serious email contact list up to date
Mistake 3A: Opening an email to your serious account from a user you
do not recognize
Measure #4: Have an adventuring email account for adventuring
Mistake #4A: Failing to quickly delete most incoming emails in your
adventuring account
Measure #5: Install and keep updated a malware program that scans
incoming emails
Measure #6: Turn of executables in Microsoft Office
Measure #7: Never send an email that you don't want to live forever

Appendices for Section I and II (Windows 7, 8 or 8.1 and Windows
10)
Appendix I: Turning on Lockout Account


Appendices for Section III (Routers)
Appendix I: What about networks?
What is a network (computer network)?
What is a gateway?
What is a LAN (Local Area Network) (Local network)?
What is a network address (network number)?
What is a network device?
What is a network edge?


What is a network node (computer network node) (network host)
(node)?
What is a network segment?
What is a subnet (subnetwork) (network subnet)?
What is an intranet (Intranet) (private network)?
What is IP (Internet Protocol)?
What is the internet (Internet) (public network)?
What is an IP address (Logical address) (Network address)?
What is TCP (Transmission Control Protocol)?
What is WIFI (Wi-Fi) (Wifi) (WiFi) (Wireless networking) (Unbounded
media)?
What is wired (hard-wired)?
What is wireless?
Appendix II: How does a router link (connect) an intranet to the internet?
Appendix III: How do I find my router's IP address?
Appendix IV: What hardware do I need to use my router?
Appendix V: How do I access my router?
Appendix VI: How do I reset my router back to the built-in name and
password?


Appendices for Section IV (Networks)
Appendix I: Network basics
What is a cable modem?
What is an intranet (Intranet) (private network)?
What is a network (computer network)?
What is a gateway?
What is a LAN (Local Area Network) (Local network)?
What is a network address (network number)?
What is a network device?
What is a network edge?
What is a network node (computer network node) (network host)


(node)?
What is a subnet (subnetwork) (network subnet)?
What is broadband (wideband)?
What is a communication medium?
What is IP (Internet Protocol)?
What is the internet (Internet) (public network)?
What is TCP (Transmission Control Protocol)?
What is WIFI (Wi-Fi) (Wifi) (WiFi) (Wireless networking) (Unbounded
media)?
What is wired (hard-wired)?
What is wireless?
Appendix II: Common network utilities
What is the command window (command box) (DOS box)?
Ipconfig (IPCONFIG)
Nbtstat
Net (Net services)

Netstat (netstat) (network statistics)
nslookup (Nslookup) (NSLOOKUP)
Appendix III: Why do I care about intranets?
Appendix III: Using ipconfig to find basic network information
How do I find out what IP and what router my PC is using?
What is a command window (command box) (DOS box) (PowerShell
window)?
Appendix IV: Use Nmap with Zenmap GUI to find out what your intranet
looks like?
How do I use nmap to find out what my network looks like?
What does Nmap/Zenmap tell me about my home network?
Services found by Nmap/Zenmap displayed in "Services" tab
Ports on hosts found by Nmap/Zenmap in Hosts Ports/Hosts tab
Network image found by Nmap/Zenmap in Hosts à Topology à Fisheye
tab


Output found by Nmap/Zenmap in Hosts à Nmap Output tab.
What is Nmap?

Appendices for Section V (browsers)
None.

Appendices for Section VI (smartphones and tablets)
Appendix I: How do I do a screen capture on a phone or tablet?
For an Android device
For an iOS device
Appendix II: What are the buttons on a phone or tablet?
For an Android device


Appendices for Section VII (email)
Appendix I: After your email is sent, what is the minimum time until you
can be sure that no electronic copies exist anywhere except your computer?
Appendix II: How to increase your chances of avoiding or defeating an evil
email attack

Suggested reading (when you have time)
What documents are part of this series?
Biography


Revision History
Rev

Change

1.0

Created document


Security
What about security?
What is security?
The dictionary definition of security is "being free from danger or threat".
Experience indicates no one is secure, at least in the dictionary sense.
Solomon had a different take on security (or, maybe, on the lack of security):
"The race is not to the swift or the battle to the strong, nor does food come to
the wise or wealth to the brilliant or favor to the learned; but time and chance
happen to them all" (NIV). (Bumper stickers on the back of pickups

summarize Solomon's quote in two words: "Excrement happens".)
Damon Runyon, writer of "Guys and Dolls" offered an amendment to Solon's
advice: " The race is not always to the swift, nor the battle to the strong, but
that's the way to bet." The way to be secure is to be good and hope to be
lucky. And, (if you've read any of Runyon's other works), the way not to be
secure to be not good (unless you're very, very lucky).
So, I suggest a different definition of security that emphasizes our part in
keeping ourselves secure: "things done and things left undone that give as
much control as possible over the future". Be good (the things done), be
careful (the things not done), and hope to be lucky.
One more quote: "Luck is what happens when preparation meets
opportunity" (Seneca, First Century AD, possibly misattributed). Prepare for
Murphy to knock on your door. A disaster for the unprepared is an
opportunity for the prepared.

What is computer security?
The dictionary says, "measures taken to safeguard code, information, and
systems". A more sensible definition of computer security is "(1) reasonable
measures taken to safeguard code, information, and systems, (2)
unreasonable measures not taken to safeguard code, information, and
systems, and (3) measures not taken to avoid low-rewards." Unfortunately,
reasonable, unreasonable, and low-reward are (like beauty) in the mind of the
beholder.

Is security a new problem?
No! Security has always been a problem! Even strong men have security


concerns: "When the strong man, fully armed, guards his own dwelling, his
goods are safe. But when someone stronger attacks him and overcomes him,

he takes from him his whole armour in which he trusted, and divides his
spoils." (Luke 11:21-22 NIV)
Criminals form gangs to defeat strong men. Captain Grose' 1811 Dictionary
of the Vulgar Tongue (nineteenth century lexicographer) lists 23 occupations
required for a complete "gang of misrule" (crime family). My dictionary
gives these as " … For men, there are fourteen roles: (1) ruffler, (2) upright
man, (3) hooker (angler), (4) rogue, (5) wild rogue, (6) priggers of prancers,
(7) palliards, (8) frater, (9) jarkman (patricoe) (10) whip jacket, (11)
drummerer (dommerer), (12) drunken tinker (13) swadder (pedlar), and (14)
Abram man. For women (and children) there are nine roles: (1) demander for
glimmer or fire, (2) bawdy basket, (3) morts, (4) autem mort, (5) walking
morts (6) doxy, (7) dell, (8) kinching mort, and (9) kinching cove." (Buy my
book if you want to know what all these specialties are.) Add hackers and
testers and you have the kind of crime family HP describes in The Business
of Hacking, capable of stealing from the strong as well as the weak.
How do you defend yourself, your family, and your employees from these
gangs? Mostly by not doing dumb things. But, yes, you will have to spend a
little money and a little time. But not much time and not too much money.


What is in these notes?
What about measures?
What is a measure?
Something you implement. Or, don't implement, depending on how helpful it
is to you.
Most security advice is aimed at companies large enough to employ a flock
of IT people including a full-time security guy. This advice just discourages
a guy who is CEO, CFO, CIO and janitor but wants to do smart security
things. So, I'm going to tell you what I think are reasonable and unreasonable
measures and what are low-reward measures for home business owners,

home users, and small business owners.

What is a low-reward measure?
A security measure that that has a small payoff for the inconvenience, money
and time associated with the measure. Most of the measures advocated by
security professionals are low-reward measures.

What is a reasonable measure?
A security measure that that has a significant payoff for the inconvenience,
money and time associated with the measure.
Reasonable measures that are not terribly inconvenient for a nonprofessional and require little money and time should ALWAYS be
implemented.
Reasonable measures that are terribly inconvenient for a nonprofessional but require only a small amount of time and money should
be implemented when possible. (Maybe hire a professional for a halfday?)
Reasonable measures that are not inconvenient for a non-professional
but require a small amount of time and money should be implemented
when possible. (I define a small amount of money as my monthly
business cell phone and internet bill. You may have a different
definition.)
Reasonable measures that are terribly inconvenient for a nonprofessional and require a lot of money should only be implemented if
you have suspect you are a potential target. Warning: If you are (1)


involved in politics or social issues, (2) are visible in your community
for some reason, or (3) have strange family members or neighbors then
you should suspect you are a target.

What is an unreasonable measure?
A security measure that that has become popular wisdom but probably is of
little value. (A few years ago, one argument for switching from a PC to a

Mac was "Macs don't get viruses." If that was ever true, it isn't now but
many Mac sales people and users still believe it and repeat it to non-Mac
users.)


Feedback
Send me an email at to
let me know when I'm wrong. Thanks, John


What different about this series?
Each chapter in this series can be read in less than thirty minutes. The
recommended actions can be performed in less than thirty minutes. But, the
habits advocated in the document will take a life time of practice to perfect.
Note: All screen images are from Windows 10 Pro Creator Edition. What
you see may be slightly different.


Section I: Simple measures to secure
Windows 7, 8, and 8.1
Warning: The recent ransomware attacks on Windows XP and Windows 7
should have convinced you that Windows XP and Windows 7 are terribly
vulnerable to bad guys, even after Microsoft issued patches for all known
problems. (The data I've seen makes me think that Windows 7 is four times
safer than XP, Windows 8.1 is twice as safe as 7. Safer means NOT AS
VULNERABLE, not "safe".)
Windows XP users should AT LEAST upgrade to Windows 7.
Windows 8 users should AT LEAST upgrade to Windows 8.1.
You still won't be secure but you will only be vulnerable to skilled bad guys.
I've seen upgrades on Ebay really cheap. You should look there if you decide

to upgrade to a less vulnerable version. (No, I don't endorse buying old
software on Ebay. "Wouldn't be prudent." But, less imprudent than running
horribly vulnerable OSes.)
Note: Most of the simple reasonable measures involve overriding defaults.
Note: The defaults in Windows were chosen to simplify installation, not to
keep you safe.

Default problem #1: It is possible to enable the Administrator
user account
It should not be enabled. Turn it off if it is on. Disable it.

What is Administrator (The Administrator) (The one-and-only-real
Administrator)?
Unique built-in user account with ultimate power (much like linux root user),
more powerful than Admin or admin-equivalents. Not affected by UAC.
Disabled in Windows 7 and higher. Not the same as "an administrator" who
is an admin-equivalent.

Mistake #1A: Failing to disable the Administrator user account
A bad guy who gets a standard user ID and password can cause some
problems. A bad guy who gets an admin-equivalent user ID and password
can cause problems. A bad guy who gets the Administrator password owns
your computer more than you do if you’re an admin-equivalent.


What is a standard user?
User cannot modify operating system settings or other users' data. Usually
cannot install software.
What is a super user (superuser) (power user)?
Obsolete category of users, between an admin and a standard user. Was not a

member of the group "Administrators" but could install software that does
not require OS customization and can create/manage standard users and
groups.
What is an admin-equivalent user?
User who has the same rights as the built-in Admin user account. The only
major difference between Admin and Administrator is that UAC warns the
Admin (or admin-equivalent) if he might be getting into trouble. The
Administrator gets few warnings.
What is UAC (User Account Control)?
Any time a program wants to make a major change to a computer, UAC lets
the user know and asks for permission. The Administrator (if enabled) does
not have to deal with UAC. Admin-equivalents, even though they are
members of the group Administrator, do.

Mistake #1B: Using the Admin account instead of your adminequivalent account
Default problem #2: Windows doesn't force you to install
hotfixes, patches, and updates
Get ALL the available hot fixes, patches, and upgrades for your version of
Windows on www.Microsoft.com. Not just the security patches but all the
patches. Get the Office patches, too. Get patches for everything Microsoft
you use. Install them. Note: Hotfixes and patches for the ransomware
exploits in 2017 were available over a month before the exploits. Note: IT
suggests you never install hotfixes, patches, or upgrades. You don't have
time or energy test them and if you wait, you'll forget. The good news here is
that Microsoft no longer leaves (most) testing to its users.

What is a hotfix?
Software that patches an existing application (usually to a Microsoft
application or operating system). Alternative: Small software update for a