In both cases, if you have the maintained kernel version, they are normally fixed to take care of security issues, so if there are updates, you will be able to fetch them via the package manager. in case of centos it would be yum (-> yum check-update to see the updates, yum update to perform the updates).
with patch i menat the package maintainers (here centos) will fix all necessary bugs in the kernel or merge them to work with their os as they want it to. So normally there is no real necessity to change the kernel, except you need features that are not implemented yet, e.g. ext4 support in this concrete case. But maybe take a look at cenos plus / extra packages, maybe that kernel has the features you need. How to compile your own: http://www.howtoforge.com/kernel_compilation_centos