Updates to any operating system, whether that is a mobile, desktop, server, or something else, like an IoT device, are normally full of lots of things which make no sense to those who use them, so should you bother? Christopher East, from the Internet Specialist Group has the answer.

Any device which is capable of receiving a software update, will no doubt do so at some point. Sometimes these software updates contain information to update existing features and add new ones, then it is down to you to decide if you want those updates and/or new features.

However, most updates are made available for another reason. They are available to enhance and improve the security of the item you are updating. These security updates allow you and your devices to be more safe and secure than they were previously. If you take the two most recent attacks using Malware, Petya and WannaCry, these both were able to inflict so much damage because of updates not being applied, which would have completely stopped them in their tracks.

Updates are also important for other reasons. They allow you to gain protection and become secured against threats which are discovered but as of yet no one in the criminal community are aware of. This means as soon as they become aware of these vulnerabilities, they will likely go through a testing phase of some description to try and work out what devices are vulnerable to being attacked, and if they find that a considerable portion of the people using devices in the wild already have patches applied which stop their potential attacks, they will give up and try attacking using something else, likely affecting far less people and devices than they were originally trying to target.

In an environment where people bring their own devices, updates become very important, much in the way that herd immunity protects populations of people against life-changing conditions by stopping them from spreading, the same principle applies within the digital environment.

Whilst it will not always be possible for every device to be updated as soon as an update is released, making sure that they are updated as quickly as is reasonably possible, means that if an attack is launched for which an update provides a preventative solution, the attack may affect a small number of devices, but it is likely that it will not spread very far and will be restricted from spreading by the devices which already have the preventative update installed.

To put it another way, if you have a compromised immune system, or even a weakened one, then you get the flu shot every year, to prevent not just yourself, but those around you from getting unwell. The flu shot also given to the carers, nurses and doctors, who are likely to come into contact with those people, because it stops the virus from spreading further.

The same is very true of malware and viruses which are sent out on the internet, but instead of infecting people, they infect your mobile phones, computers, the servers which run your organisations and more specifically (but not only) their websites.

So, in conclusion, making sure you apply updates, regardless of the type or brand of device you use, is vitally important. You should always apply updates as soon as is reasonably possible.

Larger organisations are not exempt from this. They should be applying updates as quickly or even more quickly than those within the home or personal use environment. Because these environments are far more likely to be targeted than single individuals or family homes.

Making sure you apply updates is vital to the health of any organisation who uses IT systems, no matter what the size, because of their reliance on the technology to perform their normal functions. So updating and preventing security flaws and holes from being exploited is very important, and cannot be stressed enough.

Comments (1)

Leave Comment
  • 1
    Martin Brown wrote on 9th Aug 2017

    Whilst I agree that *critical* security updates should be applied as soon as is reasonably practical many updates are issued to make a video driver 2% faster or work flawlessly with some random new 3D game that triggers an obscure rendering flaw. Unless you want to run that software such updates are irrelevant and may even destabilise a working system. Software updates are not risk free and MS has been known to brick some Win7 systems and force Win10 downloads and updates on people with tactics not unlike malware. As for the IoT you don't have much choice but to download security updates every time yet another chink in their insecure implementation is exposed unless you want hackers flashing your house lights and randomising the central heating settings.

    Report Comment

Post a comment

About this blog

This blog is brought to you by the members of the BCS Internet Specialist Group and allows you to harness their skills, expertise and knowledge. The internet is ubiquitous and has a major impact on our daily lives, at work, at home on the move. The associated risks and security concerns are real, but the magic and advantages of the internet are significant.

See all posts by Internet Specialist Group

Search this blog

December 2017
M
T
W
T
F
S
S
1
2
3
4
5
6
7
8
9
10
11
12
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31