Understanding Updates and the importance of Patch management
At one point or another you have been prompted to install the latest update for Flash, Java and let’s not forget Windows updates. In the case for Windows 10 we see those updates on almost daily basis and some of them come with lengthy restart times. Those down times can be quite annoying, so the first thing that comes to mind is ‘how can I prevent this from happening’? But before I try to answer this question I want to backtrack to why do we need to update and should you even try to avoid it.
The first thing to understand is that there are different kinds of updates. Some of them add new features or improve existing ones. Others improve the reliability and stability of your software making it more compatible with the operating system and other applications. And finally, there are security updates: they patch vulnerabilities in the code of the software.
If you are an average user who is too busy updating your social media, doing online banking, sending dozens of confidential emails and embarrassing messages (anyone comes to mind?) and you are somehow OK with an occasional program freeze or system crash, you can be tempted to skip the next software update, if it follows into the first two categories.
But if you are that same average user, who spends half of their time on a computer or cellphone, you should think twice before disregarding the next security updates. Put into the words of security analyst, Brian Donohue: “Patching software is like maintaining your car. It will still run without maintenance, but driving becomes more and more dangerous the longer you go on without a check-up.” Emphasize on word dangerous here, because with the proliferation of malware that can take advantage of software flaws and the ever-growing number of cyber attacks, failure to patch began to impact not just the individual machine, but entire networks. DDoS attacks launched from a million of infected devices, have been more powerful than ever and the list would only get bigger.
So, should you spend all that time and check what kind of updates are due for your system? Probably not. For home users, its best to set your software to automatic updates and try to restart your systems whenever you are done using the computer (at least once a week).
For businesses, in order address data leakages or breaches that might happen out of software bugs or well-orchestrated attacks, modern cyber security strategy should be in place, including a policy that enforces low time-to-patch for all the software installed on any system.
And if you don’t have the resources to do so, you should find a trusted MSP Partner.