How & Why You Need To Install That Security Patch

Justin Pot 12-02-2015

Updates can be infuriating. They’re also necessary – and putting them off can put you and your personal information at risk.


Yes, it’s annoying when Windows or OS X insists on updating – especially when you were starting to get some work done. But these and other updates don’t exist just to bug you: they protect you. And putting them off makes the job of anyone who wants to compromise your system that much easier.

What Do Patches And Hotfixes Do?

Security patches are designed to fix vulnerabilities in the software you use. What are vulnerabilities? Basically, they’re mistakes that mean the software can be exploited by hackers or malware.

Such vulnerabilities have real consequences. Remember last spring, when the Heartbleed vulnerability in SSL Heartbleed – What Can You Do To Stay Safe? Read More meant web users’ traffic was exposed? This meant criminals could, in theory, gain access to your passwords, credit card number, and more.

How & Why You Need To Install That Security Patch muo heartbleed help heart

In the case of Heartbleed, website owners needed to patch their sites. Sometimes the vulnerabilities are on your computer, though, and in these cases you need to install a patch. This is why Windows and other programs are constantly asking you to install updates.


Wait…What? I’m Confused.

Let’s try a metaphor. Pretend you bought a security system for your house, because you need to protect an extremely valuable diamond.


Two years after the system is set up, the company that installed it for you notices a flaw: criminals who clap three times while bouncing on one leg cannot be detected. If the company that installed your security system offered to fix this vulnerability, free of charge, would you let them?

Of course you would. Think of patches the same way.


Why Do Updates Happen So Often?

Generally, the more complex a system is the more likely it is to have vulnerabilities. This is why operating systems, like Windows and Mac OS X, need updates so frequently: they’re designed to do all kinds of different things, meaning there’s a lot of things could go wrong.

Such updates typically come in two forms: patches and hotfixes. Both fix vulnerabilities, but do so in slighty different ways.

For most users, sticking to patches is ideal. For one thing, hotfixes aren’t tested throughly – meaning they could cause new problems. Additionally, anything solved by a hotfix today will likely end up in a patch eventually.

Patches Broadcast Vulnerabilities

So patches are good, but is there any hurry to install them? You don’t always need to drop everything you’re doing and install patches immediately, but it’s generally a good idea to install them as quickly as possible.


Security experts will tell you that a zero day vulnerability What Is a Zero Day Vulnerability? [MakeUseOf Explains] Read More is a big problem. Essentially, these are flaws in software that no one knows about – meaning no one has developed a way to stop hackers and malware from taking advantage of them. Knowing about one of these vulnerabilities makes it easier to break in – it’s as if someone left their door unlocked.


Think back to our ridiculous example. If you were the person who discovered home security systems can’t detect anyone who claps three times and hops on one leg, you would have a lot of power. You could rob people with very little risk of getting caught.

That’s what a zero day vulnerability is: knowledge of an exploitable flaw in a system that no one else knows about.


Which brings us back to why you should install patches quickly. Whenever software developers release a patch, hackers and malware developers look closely at it to see what it fixes. Through this reverse engineering, they can discover exactly how to compromise systems that aren’t yet patched.

Coming back to our example: if a would-be robber found out that the home security system company was fixing the clap-three-times-hop-on-one-leg bug, and also knew that you never bothered to let them fix it, they’d know exactly how to steal your diamond. The security company is, in a way, teaching robbers about the flaw.


That’s the last time I’ll use that example, I promise. My point: the existence of a patch is in some ways a blueprint for would-be criminals to exploit unpatched systems. For this reason, it’s best to install them quickly.

Of course, frequently criminals find out about vulnerabilities before a patch is issued – earlier this year, for example Google announced vulnerabilities in Windows Should Google Announce Vulnerabilities Before They Have Been Patched? Whyis Google reporting vulnerabilities in Microsoft Windows? Is this Google's way of teaching their competition to be more efficient? What about the users? Is Google's strict adherence to deadlines in our best interest? Read More before Microsoft could patch them. It’s an entirely different conversation, but worth reading up on.

How To Stay Up To Date

Now that you know what patches are, and why it’s important to install them quickly, you might be wondering: how do I install them?

It depends what kind of computer you’re using. If you’re on Windows, you should set Windows to install security updates automatically Fix Windows Update & Make It Less Annoying Without Compromising Security Windows Update can be a nuisance. Here is how you can protect yourself from its annoyances without compromising security. Read More .

How & Why You Need To Install That Security Patch Windows Update Settings

There are lots of good reasons to be running the latest Windows patches 3 Reasons Why You Should Be Running The Latest Windows Security Patches & Updates The code that makes up the Windows operating system contains security loop holes, errors, incompatibilities, or outdated software elements. In short, Windows isn't perfect, we all know that. Security patches and updates fix the vulnerabilities... Read More , so take this seriously.

Other programs, like Adobe’s Flash, will periodically ask you to install updates. Ideally programs wouldn’t do this, and some don’t: Google Chrome, for example, installs updates without bugging you. But generally, if a see a prompt to install an update, it’s a good idea to go ahead and install it.

Mac users can find the latest updates in the Mac App store. Here you can install fixes for OS X itself, as well as for all the software you installed using the store. Mobile systems, such as iOS and Android, work similarly. Whatever your systems are, it’s a good idea to make sure everything is up-to-date.

Do you install patches quickly? If not, why not? Are there any misconceptions about security 4 Security Misconceptions That You Need To Realize Today There is a lot of malware and online security misinformation online, and following these myths can be dangerous. If you've taken any as truth, it's time to get the facts straight! Read More you wish people would stop spreading? If you want to chat about this and more, I’ll be around in the comments!

Related topics: Computer Security, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Giselle
    February 22, 2015 at 9:17 am

    I noticed that i haven't had any update activity lately. Apparently Windows updates are not loading on my computer, even though I have Automatic Installation active. I have no idea of how to fix it and I feel extremely vulnerable now....

    • Justin Pot
      February 22, 2015 at 6:14 pm

      Did you head to the update settings? You can review everything manually there. What version of Windows are you running?

    • Giselle
      February 26, 2015 at 3:32 am

      I did. I've even tried manually installing one update at a time. Nothing has worked. I'm running Windiws 8.1.

  2. ElvisShotJFK
    February 13, 2015 at 7:19 pm

    Just curious as to how many zero day vulnerabilities (or later) are because of beta access to Windows and hackers/crackers holding off until launch in the hopes that what they've found in an RC doesn't get noticed before going gold.

    • Justin Pot
      February 13, 2015 at 7:47 pm

      I'm not an expert, but I don't think beta versions of Windows generally feature many security updates that aren't quickly sent to previous versions. But again, this is far from my area, so take that with a grain of salt.

  3. Dayan Huerta
    February 12, 2015 at 9:17 pm

    Thank you very much, Justin!
    As a matter of fact, I'll only mail the translation to my coworkers.
    Keep the good work!

    PS: Would you like to get a translation copy? If so, let me know where to send it.

    • Justin Pot
      February 12, 2015 at 9:23 pm

      Thanks for sharing this with your co-workers! I don't need a copy – I'd barely be able to read it in any case. :)

  4. Dayan Huerta
    February 12, 2015 at 7:18 pm

    Hi! Is there a problem if I translate this article to Spanish (Mexico)? I don't intend to distribute this beyond my workplace. Thank you for your answer.

    • Justin Pot
      February 12, 2015 at 7:55 pm

      So long as you're not going to publish your translation online anywhere, I don't see why not!

  5. ReadandShare
    February 12, 2015 at 6:57 pm

    I can see complications in a corporate environment with their myriad of servers, users and in-house applications where anything can break.

    But as a home user, I've always installed MS patches as soon as they download. All these years, I've only ever encountered ONE failure -- just last month actually -- where a patch installed badly -- it was widely reported -- and MS issued a fix a few days afterward. That one hiccup ruined my YEARS of unbroken record of patching success. And it wasn't even that bad, really.

    • Justin Pot
      February 12, 2015 at 7:57 pm

      Yeah, it seems to me like the problems are pretty rare – but I can see why anyone who has experienced problems would be wary. And corporate environments are another thing entirely.

  6. Mike Merritt
    February 12, 2015 at 5:01 pm

    After reading about Microsoft's bricking some computers with "bad" patches; I wait a day or so before I install the "Patch Tuesday" patches. That gives Microsoft time to retract a bad patch; or the bloggers a chance to tell the world about a patch problem. I also take the time to write down all of the "KB" numbers of what's updating so that I can decide if a particular future warning by the bloggers applies to me. ... but, in the end, I do do all of the patches that are offered.

    • Justin Pot
      February 12, 2015 at 5:55 pm

      I guess I'm coming at this from a different perspective, because I don't use Windows machines for anything mission critical – my Windows computer is just for games and watching videos. My real work happens on Mac or Linux computers, and those updates haven't broken anything for me.

    • Maryon Jeane
      February 12, 2015 at 6:05 pm

      "I don't use Windows machines for anything mission critical" - that should be engraved on the hearts of everyone, everywhere, who uses computers, just without the personal pronoun...

  7. Buffet
    February 12, 2015 at 1:31 pm

    Woody Leonhard disagrees with you!

    • Justin Pot
      February 12, 2015 at 5:24 pm

      So he does! And he's got a point: it can be really good to know what might happen before you install updates. I've never had a problem, though, and am more afraid of security exploits than I am of bad patches.

    • Buffet
      February 12, 2015 at 5:47 pm

      It can be a thin lie to walk then?
      I tend to methodically do what Mr. Merritt (below) does, except it might be more than one day, perhaps several, if there are any rumblings of potential abnormalities or crashes.
      Thanks again Justin, for explaining your preference so well (from a logical, informative standpoint, rather than a Microsoft minion).

    • Justin Pot
      February 12, 2015 at 5:55 pm

      I'm far from a Microsoft minion! Try out as many systems as you can, it's fun.

  8. dragonmouth
    February 12, 2015 at 1:30 pm

    "What Do Patches And Hotfixes Do?"
    In case of Windows, they plug one set of holes and punch new ones in your O/S. :P

    If applying patches is so critical, why does Microsoft only release their patches on Tuesday? Why not release them as soon as they are ready as is done by Linux developers?

    • Justin Pot
      February 12, 2015 at 5:26 pm

      You know that thing where your Linux distro has updates basically constantly? That's why. Non-geeks are infuriated by constant updates, and in time will stop installing them if the prompts are too frequent. I've seen this with more than a few Ubuntu setups. I think Microsoft's approach is an attempt to address this.

    • dragonmouth
      February 12, 2015 at 8:42 pm

      "Non-geeks are infuriated by constant updates"
      Yes, Justin. Proper security procedures ARE infuriating.

      "in time will stop installing them if the prompts are too frequent"
      For non-geeks, one update prompt is too frequent. In time they stop installing any updates. For them, updates should be mandatory and automatic, without giving them a chance to interfere.

    • Justin Pot
      February 12, 2015 at 9:06 pm

      I don't disagree with anything you're saying, but I'll add that this is a very tricky problem to solve. Lots of different people want different things, and I don't envy Microsoft their task when it comes to updating Windows.

    • Evan
      February 16, 2015 at 1:39 am

      I have Windows download updates automatically, but not install automatically. The updates can then be installed next time I shut down, or when I step away from the computer for a few minutes, so that it won't ask to restart when I don't want to. Of course on Linux, it doesn't even have to restart to install updates.

    • Justin Pot
      February 16, 2015 at 2:11 am

      Some Linux updates will require a restart, but not the vast majority no.