Maintaining Software
Why do we have to Patch Software?
After software is published, errors are
often discovered. These errors may be usability or coding mistakes
that allow for unintended events (exploits). Attackers use these
exploits to take control, cause damage, affect availability, or
steal information on systems. A patch is a code fix, released by the
software publisher, designed to fix these errors in the code and
return stability to the affected software.
Who is responsible for installing patches?
If you have a home computer, that person is you! Microsoft,
Adobe, and other vendors have optional automatic patching that you
can configure. It's always best to allow software to check and
patch itself. This prevents systems from being months behind
in applying the latest security and usability patches. If the
system is at work, ask your helpdesk if you are not sure whether you
are required to patch your work systems.
What is the Risk?
Failing to regularly install security patches places the entire
network at risk. Often attackers compromise a single system and then
use it to attack others. This can cause loss of data and availability,
and damage to the company's reputation.
Protective Measures:
1. Check software vendor sites no less than monthly for
software on your system that does not provide an automated
update option.
2. Subscribe to a security bulletin or newsletter that
routinely discusses software patches and risks. One such site
is the SANS
Safety Tips:
1. Only obtain patches from the software manufacturer's site.
2. Treat all unsolicited email notices about required patching as
suspicious. Verify issues from the manufacturer's site directly,
not via email links.
3. If a security patch causes a stability issue or will not install
properly, call the software manufacturer's support line. Most
provide no-cost support for security-related issues.