There are many questions that need to be pursued.
Why was an update performed on machines 3 days before a presidential election?
Was this a critical update?
How many machines was this done to?
Who performed this update?
Who approved this update?
What change management procedures are in place?
What is the validation process to verify successful update?
Review the source code.
Did the changed votes happen in one precinct or more than one?
One machine or more than one?
Were they consistently changing every vote for Trump to Biden or were these intermittent?
If intermittent, is there a pattern?
Were any other down ballot races affected by this or only the Presidential?
Were any third party candidate votes changed in the presidential race?
This is why lawyers and courts need to be involved to drill down and get to the bottom of this mess.