The ARP Score (AddRemovePrograms Score) is a 1–10 rating designed to help IT professionals quickly evaluate the significance of an enterprise software update. While not a replacement for reviewing vendor release notes, the ARP Score offers a fast, standardized way to identify updates that may warrant immediate attention.
How the Score Works
The ARP Score is based on the following criteria:
| Score | Meaning |
|---|---|
| 9–10 | Critical update — usually addresses major security vulnerabilities, introduces breaking changes, or fixes high-priority bugs. Review and act quickly. |
| 7–8 | Important update — includes security fixes, feature improvements, or relevant performance patches. Prioritize based on your environment. |
| 5–6 | Moderate update — typically includes minor fixes or improvements. Apply based on regular patch cycles. |
| 3–4 | Low-priority update — cosmetic changes, stability tweaks, or back-end refinements with minimal impact. |
| 1–2 | Informational — unlikely to affect enterprise operations. Useful for version tracking or environments with strict standardization. |
What Influences an ARP Score?
Each update is scored based on available metadata the below. Unfortunately, this data isn’t always captured which can impact scoring accuracy.
- Security relevance (CVEs, patch categories)
- Update type (security, bugfix, feature, performance)
- Platform impact
- Version history and EOL proximity
- Vendor notes and published risk statements
Limitations
While ARP Scores are curated using structured and inferred data, they are not a substitute for:
- Reading the vendor’s full release notes
- Validating updates in your test environment
- Considering unique environmental dependencies
We strive for accuracy, but mistakes can happen. When available, we provide direct links to vendor resources to help you quickly verify important updates.