Updates/Patches
Keeping your software up to date is an essential part of keeping your system secure. By closing security holes you can stay ahead of the exploits that an attacker can use against you.
What is an Update?
An update is just what it sounds like… an update to a piece of software. Updates tend to fall into two categories. The first is to fix security problems and to add new features. The second is to keep scanning software up to date on the newest things to scan for.
Why Always Updating is Important
Security problems pop up in software all the time. This is in part due to poor software development practices, but in systems with the complexity of modern programs, bugs are inevitable. To give you some idea, even simple programs will consist of thousands of lines of code. Really complex programs will contain millions of lines. Windows contains over 50 million lines. Try keeping up with all that!
Problems are found all the time. Every day bugs are found in software that most people use on a daily basis. Some of these bugs present a security risk. In a worst case scenario, an attacker can actually take control of vulnerable systems. Because of this, it is important to keep your software up to date. Countless viruses have taken advantage of vulnerabilities that many systems still had despite the fact that an update was released to fix the problem months beforehand. Many times viruses will spread through email or through programs that you download, but some are particularly nasty and can spread across the network on their own. That is to say, a vulnerable computer needs only to be connected to the internet to become infected. That’s a scary thought indeed!
The second type of update is equally as important to your computer’s security. Virus scanners, spyware scanners and spam filters are good examples of programs that need to have updated lists of things to look out for. They can’t stop the newest threats until they know to look for them. On top of that, most of the time it’s the newest problems that are the worst. Virus scanners scan for thousands of old viruses that are barely around anymore. While this is certainly necessary, if all it can do is scan for old stuff, it’s not going to be very good protection.
It is good to note as well that patches are the same thing as the first type of update. Although the word patch still gets used, the word update has generally replaced it in everyday use. If you hear of something being “patched”, that means that an update has been applied to fix some problem.
Automation
Fortunately, updating is almost always an automated process. Most programs are set up to periodically check for updates and sometimes even install them on their own. This is generally quite desirable. It would be an unnecessarily painful process to try to keep everything up to date by hand. Even with the programs taking care of themselves, it’s still good to try to keep an eye on your programs and make sure they are updating properly. And of course, some of them won’t update on their own, so that’s a good thing to look out for as well. The most important programs to look out for are programs that some sort of network interaction. Operating systems, web browsers, email clients and instant messenger programs are critical pieces of software. In contrast, a text editor or image editing software are relatively less important (though so many programs connect to the internet to access some sort of service that it is hard to find much of anything that has no no network interaction at all).
The most important program that you can keep up to date is your operating system, which is most likely Windows. It should keep itself up to date by itself. If it’s not, you’re best off setting it to do so. Exploits generally come out for the most popular software so as to have the greatest impact, and there is no piece of software more popular than Windows.
Caveats
There have been cases where updates have actually created a new security problem even though they may have originally been released to patch some other security problem. Also, updates that add new features, especially major ones such as a Windows service pack, can easily have major issues. Security problems are if anything more likely with larger updates and larger major updates can also cause problems with other software and lead to instability (programs crashing and such….no fun at all). For these reasons, some people wait to install updates until they have been out for a while and have been “proven” to be at least relatively safe. Serious issues with major updates are not common, however, and most users are best off just installing the updates as soon as they can.