Most everyone understands application software updates. We do it all the time with our phone apps, and most have seen a notification to update your computer operating system. They often give us new features, but, more importantly, they improve security.
Software Updates / Patches
Software updates are also known as “patches”. Think of them as patching holes in the software code to prevent cybercriminals from taking advantage of vulnerabilities and infiltrating your network.
When software vendors find vulnerabilities (holes) in their software, they create new code to repair them. When they release the software update, they publish what the changes are to the code. So from the time the patch is released to the time you install it, cybercriminals are working fast to take advantage of the vulnerability. This is called Zero-Day Vulnerability.
We most often think of our computer and server operating systems (Windows, IOS). We often forget the other third-party applications we use (like Adobe, Java, Chrome) and other hardware devices like your Firewall, Camera Systems, and Audiovisual Systems). Hardware has FIRMWARE that can also require updates.
End of Life Hardware and Software
All hardware and some software have a lifespan. When the vendor announces its End Of Life, you need to pay attention and make a plan to REPLACE it. EOL software and hardware can no longer receive updates and patches. We’ve recently had a significant issue with this around Windows 7 and Windows Server 2008. Microsoft supported it for as long as it could and now these are at great risk if on your network.
Another example you might be familiar with this situation – your iPhone 6 could no longer be updated because the hardware could no longer support the newest operating system. Your phone may still work, but not as good and it opens the hardware up to being attacked and loaded with malware.
Tips to Keep Up With Updates
Turn on Auto-Updates.
Have a process to make sure the update has installed correctly.
Sign up to get notifications from your software vendors so you can watch out for critical software updates and patches.
Do this for ALL your Applications!
Don’t forget Hardware Updates!
If you update manually, go directly to the vendor sites to find the updates – never click on advertisements or third party sites.