It may not be very sexy, but just keeping your software up-to-date is an important part of digital security. It protects you and makes the internet a little safer for everyone by preventing the common hacker tactic of having your computer or other device attack other users.
Realistically, there are flaws in pretty much every piece of software. Development is a constant back-and-forth of finding vulnerabilities that hackers could exploit and then patching these pieces of code to fix those issues. In fact, most large companies employ people specifically to try to hack into their software so that the company can find and fix vulnerabilities before hackers take advantage of them.
Just in the past few weeks, Apple released “urgent updates” for both iOS and their desktop OSes to block a hack that could turn your Apple device into a spying tool. This exploit has been described as the “most sophisticated spyware” ever seen, and could let the hacker read messages and take control of your iPhone or other device. This is pretty scary when you think of all the data that gives them access to such as credit card numbers and banking info.
The three main ways many security experts protect themselves are updating software regularly, turning on two-factor authentication, and using a password manager. Thankfully, it’s getting easier than ever to keep your software up-to-date, so here are a few tips to make sure you’re on top of things:
- Turn on automatic software downloads on any device (including IoT products) that has them (e.g. for an iPhone, go to Settings then iTunes & App Stores, and then turn on Automatic Downloads for App Updates);
- for desktop operating systems, make sure you have automatic updates configured (e.g. in Windows 8, go to Settings then Change PC Settings, then Update & Recovery to choose how updates get installed);
- if you’re running anti-virus software then make sure it is always updated (as the software can only protect against viruses it knows about);
- and it’s never a bad idea to go to your application menus and manually Check for Updates every week or two (especially for browsers, which are a common area for vulnerabilities).
Two more things to consider. First of all, most software will notify you of updates from within the software after it’s launched. If you get an email saying you should click on a link to update or some other notification that seems not to be connected to the software itself then it may not be legit, so go to the software maker’s official website and check on the listed updates if you’re in doubt.
Secondly, some software updates may not contain any security fixes at all, and it’s reasonable to put those off if you’re in the middle of a big, important project that uses the software that’s asking to be updated – but try not to make this a habit! Thankfully, most updates will have associated notes that outline whether or not there are security patches in a given update, so make sure to give these a read before deciding to postpone an update.