Antivirus software is a critical protection, and should be installed on all systems, but the purpose of antivirus software is to protect against malware. What antivirus software is NOT built for or capable of doing is protecting against faulty code in otherwise approved applications. Patches are designed to fix bad code; collectively called bugs. That code could be a mistake made by a programmer, or an incompatibility with another piece of software, or perhaps instead it is code that just is not as good as it could be.
When that mistake can be exploited by an attacker, patching that code may be the only way to prevent the vulnerability from being exploited. The new Avast Business Patch Management service solves these issues by making it easy to centrally set up, acquire, test, approve, and install system updates and patches with default patch scans and deployment settings.