Patching Software: Why it’s Critical in Avoiding Cyber Attacks
Software updates are becoming even more important as software vendors patch vulnerabilities “threat actors” are using to infect computers and devices. Not patching is the equivalent of leaving the key to your front door in the keyhole. It’s like saying, “Please, bad guy! Come on in!”
“Software vulnerability” is a fancy word for an inadvertent security hole left by a programmer when they wrote the software. This security hole can wreak havoc on devices using that software when a threat actor finds it and begins exploiting the vulnerability to do bad things like installing malware or ransomware. This includes computers, tablets and cell phone applications. Cell phone apps are software - exactly like the software on your computer. Phones are not just phones anymore. Your phone is a computer too, which is why users should update their operating systems like Windows, OSX, iOS, and Android. Also critical for cyber protecting is updating the applications that run on those operating systems like Microsoft Office, Internet Explorer, Google Chrome, Adobe Flash, Facebook and any other application you may be using on your devices.
CERT, the Computer Emergency Readiness Team, a division of the Department of Homeland Security states, “Most attackers target vulnerable applications and operating systems. Ensuring that applications and operating systems are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker. Use best practices when updating software and patches by only downloading updates from authenticated vendor sites.”
Auto update is your friend! Update everything all the time, automatically! Auto-update is what everyone should be doing. Don’t be afraid of Microsoft updates, Adobe updates, Apple or Android phone updates. Updates and patches are your friend. They are plugging up those security holes that leave you vulnerable to attack – updates also provide you with additional features. Additional features are great, but the security component of patching is more important. If you were one of the people who had already updated your Microsoft products with the “Microsoft Patch Tuesday” patches from March 2017, you were not vulnerable to the Petya or WannaCry ransomware that broke out across the world this summer. Proactive software patching can save you from the next big attack. Don’t be a victim. Patch!