Keep critical software up to date

Some programs you use are critical to the safe use of your computer, and it’s important to keep these patched.

In this article critical software is the collection of programs (both visible and those that run in the background) that transport information from a web server to your screen. It’s the chain of data flow that you use the most often when using the internet.

You have your operating system (e.g. Windows, MacOS, Linux), a web browser, and a stack of drivers that basically make the internet work for you. This is a simplified model, most people’s computers will be unique and full of all sorts of programs.

Because information is flowing along this chain of programs, data being handed off from the operating system to the web browser, every link in the chain is critical. And like the old mantra, the price of security is eternal vigilance. In this case we’re looking at the eternal task of patching your software.

Patches are released by software vendors, whether it’s a free open source program or from a commercial software company. Patches are written because the programmers are always fixing bugs, in particular they’re always fixing security vulnerabilities as they are discovered. It’s a way of strengthening each of the links in your data chain.

The point of this article is that you should always update the following:

  • Patch your operating system (Windows, Mac OS, Linux, etc). Yes there’s a risk in being the first to install a patch, it might break something. Large companies have long complicated procedures to test patches before installing them. Small companies and home users need to take the risk and apply the patch blindly, trusting the vendor. It’s a choice between having the most secure computer possible or waiting to see if a patch is released by mistake. My advice is to take the secure option and make regular backups of all your data (backups would be a good topic for a future article). Most operating systems these days have automated patching systems in place making this simple and often a transparent process.
  • Patch your web browser. All web browsers need to be patched – Microsoft Internet Explorer (IE), FireFox, Opera, Safari, etc. Apply patches as soon as they’re released. Today a web browser is the most vulnerable program on a computer, it gets used to run code that other people write. Code that comes from all corners of the world and is almost always not certified in any way and there’s almost no way of trusting the code. Your web browser will execute it blindly, trusting that it’s safe and you trust that all other programs on your computer (including the operating system) will handle the attacks in a graceful way. Web browsers will be attacked, this is almost a certainty these days. So you need to very latest version that hopefully has had every known vulnerability fixed.
  • Patch your antivirus software. This is often automatic, and it’s often a paid service. Antivirus companies spend a lot of time and money keeping their tools up to date and it’s in your best interest to use their technology. Consider it a good investment, it could cost you thousands of dollars if your system is compromised.
  • Sometimes routers will have to be patched as well. This is a little more advanced and you should only do it if you’re comfortable working with your router.
  • Personal firewalls should also be patched. If your antivirus software includes a [personal] firewall then it’ll be patched automatically, otherwise it’s a separate process.

Chain and padlockAll software that uses the internet in any way, including the various video and music players, needs to be kept up to date. Web browsers and operating systems are the most critical and should be patched the most often. The time and effort you spend is the price you pay for having a safe computer.

  1. AusCERT Survey : FraudO.com - pingback on 19 May, 2008 at 9:23 pm
  2. Used to do my own backups, got 40 years experience in s/w development, and it make my gut sick when I have to deal with people supposedly providing s/w for you needs. This includes NTI, and Intelenet. Have sent minimum of 7-8 tech support emails to these (companies?) with not one response. Also have asked and filled out a form for getting my money back. Big mistake on my part (should tried trial versions), but even them don’t provide the functionality you want to test/research. Call me paranoid, but I will not even consider or recommend any s/w from Germany. Read a lot of feedback and scam/fraud site/reviews which I always do now and wished I had before. Germany is also known for fake or mirrored web sites for malware/viruses/etc. Since I’ve been a developer so long (and have my heart in every thing I do), seriously thinking developing DVDRW backup software which actually works and is made in the good old USA! Needless to say but not surprised, that MS and XP can’t even provide BU s/w for DVDRW (only CDRW!). And long time ago used to use a predecessor to Roxy (CD Creator) which work fine and supposedly this is what MS is providing (or malforming) into there BU s/w (NTBackup). To sum it all up, I’m writing and submitting to the WEB/Reviews/Comments as I promised I would do to these A-Holes calling themselves developers. EOS, see ya and you just might see some s/w from myself.

  3. 130 Million Credit Cards | FraudO.com - pingback on 29 August, 2009 at 12:53 am

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Trackbacks and Pingbacks: