Keeping your software up to date is the best way to protect yourself from hackers. While installing patches is never convenient, it is the most effective measure you can take to protect your computer, phone, and other digital devices.
What are patches?
Patches are software and operating system updates that address security vulnerabilities within a program or product. Software vendors like Microsoft and Apple release updates to fix security and performance issues, as well as to provide enhanced features. Examples of software that often get security and performance updates include:
- Operating Systems (Windows, MacOS)
- Browsers (Chrome, Firefox)
- Plug-ins (Flash, Java)
- Applications (Microsoft Office, Adobe Acrobat, Zoom, apps on your smartphone)
How do you find out what software patches you need to install?
When software updates become available, you may get a notification on your device or within the software application. Check your browsers, applications, and operating system for possible updates, and if automatic updating is available, turn it on. The option to check for and configure updating is often in the system settings (for Operating Systems) or the App Store (apps on phones and tablets). For computer applications such as browsers, Adobe Acrobat, or Microsoft Office, you may need to open each application and go to preferences to check for updates.
How do I enable Automatic Updates?
Some devices and software have the option to automatically check for updates, and may also download and install them automatically. Sometimes you need to turn this feature on. If automatic options are available, we recommend that you take advantage of them. Microsoft, Apple, and Google have guides for enabling this feature:
Microsoft:
https://support.microsoft.com/en-us/help/311047/how-to-keep-your-windows-computer-up-to-date
Apple:
https://support.apple.com/en-us/HT201541
Google:
https://support.google.com/googleplay/answer/113412?hl=en
What is end-of-life software?
Sometimes vendors will discontinue support for an operating system or application. This means they stop issuing software updates for it. Software that falls in this category is called End-of-Life (EOL) software. Continued use of EOL software poses consequential risk to your system that can allow an attacker to exploit security vulnerabilities. We recommend you upgrade or retire all EOL products. Examples of EOL software include Windows 7 and older, MacOS 10.12 and older, and iOS 11 and older. For Android phones, manufacturers control whether your phone will get updates. Check with your device manufacturer to determine if it still receives security updates.
Best Practices for Software Updates
- Enable automatic software updates when available to ensure that updates are installed as quickly as possible. You may need to turn this feature on.
- Do not use unsupported EOL software.
- Don’t forget to update browsers, plugins, and software applications in addition to operating systems
Install updates as soon as possible to protect yourself against attackers who could take advantage of system vulnerabilities. Attackers may target vulnerabilities for months or even years after updates are available. New vulnerabilities are continually emerging, but the best defense against attackers simple: keep your software up to date. This is the most effective measure you can take to protect your computer, phone, and other digital devices.
Thank you,
Kristen Dietiker
Chief Information Security Officer