You may not realize it, but cyber attackers are constantly looking for new vulnerabilities and weaknesses in the software people use every day. This software may run your laptop, the mobile apps you use on your smartphone, or even the software in your devices at home. Bad guys take advantage of these software weaknesses, allowing them to remotely break into devices around the world. In response, the software and device vendors are constantly developing fixes for these weaknesses and pushing them out in the form of software updates. One of the best ways you can protect yourself is to ensure the technologies you use are updated with the latest software, making it much harder for cyber attackers to break into them.
How Updating Works
When a software vulnerability is discovered, a software update (also known as a patch) is developed and released by the vendor. Most software programs and devices nowadays have a mechanism to connect over the Internet to a vendor’s server to obtain the software update. This update, nothing more than a small program, typically installs itself and fixes the vulnerability. Examples of software you need to update are the operating systems that run your laptop (such as Microsoft Windows or OSX) or run your smartphone (such as Android or iOS). Additionally, but often overlooked, you need to update the programs that run on your devices, such as your laptop’s web browser, word processor, messaging software, and your phone’s mobile apps (especially social media apps).
Whenever you purchase a new computer program or a new mobile app, immediately check to be sure the software vendor is actively updating the program or device. The longer software goes without any updates, the more likely it has vulnerabilities that cybercriminals can exploit. This is why many vendors, such as Microsoft, automatically release new patches at least once per month.
Finally, if you are no longer using a certain computer program, software or mobile app, remove it from your system. The less software you have to update, the more secure you are.
Types of Updates
There are two general ways of updating a system:
With automatic updates, whenever a device, operating system, program, or mobile app detects that a new update has been released by the vendor, it automatically downloads and installs the update. The advantage of automatic updates is that you don’t have to do anything. The software ensures that the technologies you are using are current. The disadvantage of automatic updates is the updated program could cause a problem, resulting in the loss of functionality or data. This is rare for personal devices but can happen in more complex environments, like large corporations.
With manual updates, when an update is available for a device, operating system, program, or mobile app, you must manually download and install the update. This gives you more control over what and when updates are installed. Many companies typically like manual updates because they allow them to preemptively test changes to detect and address any issues caused by the update. The disadvantage of manual updates is that it may take you much longer to update the system, or you may even forget to install the update.
For your personal devices, we highly recommend you enable and use automatic updates. This ensures that all of the technologies you are using, from your smartphone and laptop to your baby monitor and door locks, all have the latest software. Up-to-date devices and software make it much harder for cybercriminals to breach them. Enabling automatic updates is one of the simplest and most effective ways to protect yourself and securely make the most of today’s technology.
Source: The SANS Institute