Cisco Blogs

NCSAM Tip #2: Keeping Your Software Up-to-Date

October 4, 2011

As software manufacturers fix security vulnerabilities they will often release new versions of their software for their users. This is a good thing and aims to protect us from many potential online threats, such as trojans that steal our personal information, or scareware that serves no legitimate purpose. However, it begs the question: How do we users learn of this newer software so that we can be protected?

Like most things, the answer is, of course: it depends. 😉

The steps required for us to keep our software up-to-date vary from software package to package, but can generally be categorized into four buckets, ranging from fully automatic to manual. The following graphic lists the four categories with their relative desirability:

The automatic settings—what I call Fully and Partially Automatic—are typically enabled using a configuration option inside the application. Often labeled “Enable Automatic Software Updates” or similar, these settings may or may not be enabled by default. Regardless of their initial default setting, these options should always be enabled.

Unfortunately, not all software supports automatic update functionality. For those programs that do not, it is important to evaluate the risks and work to overcome them ourselves. You should ask yourself the following questions about this software:

  • Do I use this program to open files from other, potentially untrusted, people?
  • Does this program receive input from the network directly?
  • Is this program very common and in widespread use?

If you answered “Yes” to any of the above questions, the software may present a security risk and you should take steps to keep it updated. But how do we do that? It might be as easy—and admittedly tedious—as regularly visiting the website of the software’s manufacturer and looking for new versions. Some companies also send email announcements of new software versions, and those announcements can be a low-effort way to learn of new updates. In any event, find out which category of software updates is used by the package and make sure you take the steps required to ensure that it is regularly kept up to date!
