Pinterest Stumbleupon Whatsapp
Advertisement

Updates can be infuriating. They’re also necessary – and putting them off can put you and your personal information at risk.

Yes, it’s annoying when Windows or OS X insists on updating – especially when you were starting to get some work done. But these and other updates don’t exist just to bug you: they protect you. And putting them off makes the job of anyone who wants to compromise your system that much easier.

What Do Patches And Hotfixes Do?

Security patches are designed to fix vulnerabilities in the software you use. What are vulnerabilities? Basically, they’re mistakes that mean the software can be exploited by hackers or malware.

Such vulnerabilities have real consequences. Remember last spring, when the Heartbleed vulnerability in SSL Heartbleed – What Can You Do To Stay Safe? Heartbleed – What Can You Do To Stay Safe? Read More meant web users’ traffic was exposed? This meant criminals could, in theory, gain access to your passwords, credit card number, and more.

How & Why You Need To Install That Security Patch muo heartbleed help heart

In the case of Heartbleed, website owners needed to patch their sites. Sometimes the vulnerabilities are on your computer, though, and in these cases you need to install a patch. This is why Windows and other programs are constantly asking you to install updates.

Advertisement

Wait…What? I’m Confused.

Let’s try a metaphor. Pretend you bought a security system for your house, because you need to protect an extremely valuable diamond.

microsoft-security-diamond

Two years after the system is set up, the company that installed it for you notices a flaw: criminals who clap three times while bouncing on one leg cannot be detected. If the company that installed your security system offered to fix this vulnerability, free of charge, would you let them?

Of course you would. Think of patches the same way.

Why Do Updates Happen So Often?

Generally, the more complex a system is the more likely it is to have vulnerabilities. This is why operating systems, like Windows and Mac OS X, need updates so frequently: they’re designed to do all kinds of different things, meaning there’s a lot of things could go wrong.

Such updates typically come in two forms: patches and hotfixes. Both fix vulnerabilities, but do so in slighty different ways.

  • Patches address a number of different issues, and sometimes even include new features. These are often regularly scheduled – Windows updates happen on Patch Tuesday Windows Update: Everything You Need to Know Windows Update: Everything You Need to Know Is Windows Update enabled on your PC? Windows Update protects you from security vulnerabilities by keeping Windows, Internet Explorer, and Microsoft Office up-to-date with the latest security patches and bug fixes. Read More , for example – and are sent to all users of a particular system.
  • Hotfixes are smaller downloads, typically created quickly to to fix a particular flaw or problem. Because there’s not a lot of time for testing, Hotfixes generally aren’t released to the general public: instead, they’re offered if customers are willing to potentially put up with bugs for a quick fix to a given bug.

For most users, sticking to patches is ideal. For one thing, hotfixes aren’t tested throughly – meaning they could cause new problems. Additionally, anything solved by a hotfix today will likely end up in a patch eventually.

Patches Broadcast Vulnerabilities

So patches are good, but is there any hurry to install them? You don’t always need to drop everything you’re doing and install patches immediately, but it’s generally a good idea to install them as quickly as possible.

Security experts will tell you that a zero day vulnerability What Is a Zero Day Vulnerability? [MakeUseOf Explains] What Is a Zero Day Vulnerability? [MakeUseOf Explains] Read More is a big problem. Essentially, these are flaws in software that no one knows about – meaning no one has developed a way to stop hackers and malware from taking advantage of them. Knowing about one of these vulnerabilities makes it easier to break in – it’s as if someone left their door unlocked.

zero-day-exploits

Think back to our ridiculous example. If you were the person who discovered home security systems can’t detect anyone who claps three times and hops on one leg, you would have a lot of power. You could rob people with very little risk of getting caught.

That’s what a zero day vulnerability is: knowledge of an exploitable flaw in a system that no one else knows about.

Which brings us back to why you should install patches quickly. Whenever software developers release a patch, hackers and malware developers look closely at it to see what it fixes. Through this reverse engineering, they can discover exactly how to compromise systems that aren’t yet patched.

Coming back to our example: if a would-be robber found out that the home security system company was fixing the clap-three-times-hop-on-one-leg bug, and also knew that you never bothered to let them fix it, they’d know exactly how to steal your diamond. The security company is, in a way, teaching robbers about the flaw.

patches-security-blueprints

That’s the last time I’ll use that example, I promise. My point: the existence of a patch is in some ways a blueprint for would-be criminals to exploit unpatched systems. For this reason, it’s best to install them quickly.

Of course, frequently criminals find out about vulnerabilities before a patch is issued – earlier this year, for example Google announced vulnerabilities in Windows Should Google Announce Vulnerabilities Before They Have Been Patched? Should Google Announce Vulnerabilities Before They Have Been Patched? Whyis Google reporting vulnerabilities in Microsoft Windows? Is this Google's way of teaching their competition to be more efficient? What about the users? Is Google's strict adherence to deadlines in our best interest? Read More before Microsoft could patch them. It’s an entirely different conversation, but worth reading up on.

How To Stay Up To Date

Now that you know what patches are, and why it’s important to install them quickly, you might be wondering: how do I install them?

It depends what kind of computer you’re using. If you’re on Windows, you should set Windows to install security updates automatically Fix Windows Update & Make It Less Annoying Without Compromising Security Fix Windows Update & Make It Less Annoying Without Compromising Security Windows Update can be a nuisance. Here is how you can protect yourself from its annoyances without compromising security. Read More .

How & Why You Need To Install That Security Patch Windows Update Settings

There are lots of good reasons to be running the latest Windows patches 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn't perfect, we all know that. Security patches and updates fix the vulnerabilities... Read More , so take this seriously.

Other programs, like Adobe’s Flash, will periodically ask you to install updates. Ideally programs wouldn’t do this, and some don’t: Google Chrome, for example, installs updates without bugging you. But generally, if a see a prompt to install an update, it’s a good idea to go ahead and install it.

Mac users can find the latest updates in the Mac App store. Here you can install fixes for OS X itself, as well as for all the software you installed using the store. Mobile systems, such as iOS and Android, work similarly. Whatever your systems are, it’s a good idea to make sure everything is up-to-date.

Do you install patches quickly? If not, why not? Are there any misconceptions about security 4 Security Misconceptions That You Need To Realize Today 4 Security Misconceptions That You Need To Realize Today There is a lot of malware and online security misinformation online, and following these myths can be dangerous. If you've taken any as truth, it's time to get the facts straight! Read More you wish people would stop spreading? If you want to chat about this and more, I’ll be around in the comments!

Leave a Reply

Your email address will not be published. Required fields are marked *