We are all too familiar with those pesky little notifications making sure you are aware that there is an “Update Available” for your software. Every operating system and, any program worth having, usually releases updates. Most of us tend to ignore these little notifications and put off downloading and/or installing these updates. You’ve probably even said things to yourself such as; “Are these updates really necessary?” “Everything is working just fine as it is.” or “I don’t want to have to restart my computer!” Although these are all valid annoyances, this is a terrible practice that could leave your computer at risk of attack or infection!
Here’s why those updates matter. These updates, which can also be referred to as ‘patches’ or ‘service packs’, are usually released in order to enhance the security of the software. They can also contain bug fixes and even improve performance and stability of the program. (Note: Updates and Upgrades are two very different functions. Updates patch or fix the current master version of the software and Upgrades provide a fresh installation of the latest master version.)
Most computer viruses and malware are designed to exploit different vulnerabilities that may be present in your software. If an attacker is able to see that you are running outdated versions of Java or Adobe Flash player, they can gain access or infect your machine through online applications. These online applications are almost always something harmless like a game on a social media site or an interactive webpage that is powered by either Java or Flash.
To give you an example of the severity of this and, not to hate on Adobe Flash, but there are close to 700 known vulnerabilities that can be exploited within the Adobe Flash software. Almost all of these vulnerabilities have been fixed through frequent updates. Malicious hacker know that the vast majority of users aren’t regularly updating their software and this is why Flash is also one of the most exploited programs by attackers.
One way to prevent an attack from these sources is to simply not use them. I myself do not use either Flash or Java unless it is absolutely necessary. Though if you need to use them, make sure that they are running the latest updated version and you are only accessing secure websites when doing so.
You should also know that regular updates are equally as important for all other devices and not just for your computer’s software. Many mobile phone and tablet apps release frequent updates that address vulnerabilities and security concerns. Using third party apps and apps that aren’t from your mobile phone’s app store could be leaving you vulnerable as these apps aren’t regularly updated or even regulated by the app stores.
Luckily, most mobile devices make it easy to update your applications and OS (Operating System) but what about your PC’s? Most computers allow you to setup automatic updates but not all third party software is included in this process. If you run a relatively lean machine, like myself, and you don’t have a huge number of programs that need to be updated regularly, it’s not too difficult to setup each of them to automatically check for updates. This can usually be done in the setting for the particular program. If you happen to have a large number of programs and you prefer a hands off approach, something like Filehippo Update Checker could be the answer. I’ve tested this update checker out myself and was pretty pleased. This program is free and is not very large and it seems to be pretty user friendly and reliable.
For most Windows PCs you can simply go to the Control Panel and select ‘Windows Update’ where you should find an option to “Change Settings.” When you click on “Change Settings” you should see an option to perform automatic updates.
For Mac users go to the Apple menu and click on “System Preferences.” Next, go to the “App Store” panel and check the boxes for “Automatically check for updates” and “Download newly available updates in the background” and finally check the box next to “Install OS X updates,” then you can either close System Preferences normally or select “Check Now” at the bottom so you can see if there are any current necessary updates.
What about Zero-day attacks? (0-day)
I might be getting too far in to the weeds with this one but some of you may have heard of a “0-day” or zero-day attack. This is when attackers find an exploitable vulnerability in software on the same day that an update or upgrade is released. I’ve heard some people say that they don’t want to update right away because they might become vulnerable to one of these scenarios. Well, the likely-hood of that is very slim unless you are either a major target or the developer of the software yourself. In fact, by not updating from fear of a 0-day attack you are keeping yourself at greater risk by not fixing the many other vulnerabilities. Look at it this way; would you rather risk 1 vulnerability that is likely only exploitable by the most savvy malicious hackers (who likely aren’t interested in individuals)? Or would you rather risk being exposed to hundreds of vulnerabilities that any old malicious ‘script-kiddie’ could find out how to exploit with a simple search? (Note: a ‘script-kiddie’ is someone who uses existing code or hacks in order to exploit or attacks rather than writing their own)
So, making sure that your software is up to date is a very important step in securing yourself from potential vulnerabilities and attacks. Although having the most up to date system will not protect you 100% of the time, it is a very crucial first step and it will greatly reduce the likelihood that you may fall victim to a cyber-attack. Remember to setup your automatic updates and try to break the habit of ignoring those pesky update reminders.
Tip: for any software or OS that allows you to run timed or scheduled updates, set them to run overnight or during a time-frame that you are less likely to be on that system. This allows a lot of those updates to be completed without getting in the way of your work or play!
If you have any other questions, comments or concerns, feel free to leave a comment or contact me through the contact tab at the top of the page!