My understanding is that it was rolled-out as a last minute update.
The receiving machines (especially GA, as it was in the election code) should have been isolated and recertified prior to use.
Since the unsupervised update was down in the wee hours of the morning, it was either undetected (likely since the machines were left /connected/ to the internet, against code) or, it was discovered too late to sit-down and recertify prior to the required hours of polling start.
Every vote in those machines is technically invalid by Georgia law.
Now, get a court at any level to invalidate a single vote, intentionally cast by an unsuspecting voter.
Even SCOTUS Gore v Bush couldn’t bring themselves to invalid votes because the invalid votes couldn’t be separated.
There is the nub...disenfranchising honest ANONYMOUS votes.
I’ve heard of two updates being applied:
1) Before the election(s) - the week before early voting began, Eric Coomer himself installed in GA at least.
2) After the fraudulent dumps in the morning of 11/4
I’ve also heard references to 5.5 version ... I don’t know which is which or when etc.
BUT as you note, this violates all norms of election software installations - you are supposed to install a/the certified version in the controlled production environment (closed off to outside world) and then run the auditing procedures, etc., then conduct the election on the known installation. Then retain such until long past completion, etc., so that audits can be conducted after the fact.
It appears there are multiple installations of one or more uncertified versions of the software in the picture.