Network Security guide for the home or small business network – Part 5 – Update your software
Okay – so after the last article you’ve inventoried what software you use on a PC and you know what services (server’s) the pc runs that you’ve told it to. You even know what passes as “normal” startup programs. Now it’s time to put that to use. It’s time to keep up with updates for the operating system, any of the programs you use form time to time, and any programs that listen as a service (actively listen for incoming network connections.)
Wow, that’s a lot though! Yes it is. This is probably the toughest part of internet security in many ways. Keeping up with updating everything can be overwhelming. This doesn’t mean you have to go out and buy new versions everytime a software maker releases the next better version. We’re talking about security fixes. With Windows *(operating system) these are usually called critical updates. http://windowsupdate.microsoft.com is a good place to visit to check for these. This is the official Windows Update site from Microsoft. Automatic updates can download and install those updates for you, but I like to go to the update site myself and check first hand to make sure a system is up to date.
Remember, Microsoft doesn’t make a practice of emailing customers about security updates. Don’t be too quick to trust links you find in emails claiming to notify you of updates. Type the address into your web browser bar. http://officeupdate.microsoft.com is the Microsoft site for official Microsoft Office updates. Some of these go beyond security updates to bug fixes and in some cases feature improvements. (As do some of the Windows updates).
In the case of other software, you will need to visit those publishers sites individually, or use an update capability within their program. Recently there have been security updates for realplayer, acrobat reader, macromedia flash player among others. Internet Explorer updates are dealt with through Windows update, but these third party updates are just as important.
Some linux systems make getting updates for all installed software very easy. (apt-get update from the command line, or urpmi.update -a && urpmi –auto –auto-select ). Now the downside of updates. Sometimes software updates fix one feature but break another. The risks of the breakage vs. the fix have to be weighed carefully. If the breakage is considered to severe to install a security update, that program needs to be treated with much more suspicion because it is more vulnerable.
This really is the one part of network security that seems like an endless fight. Remember the saying though, security is a process not a product (nor is it a destination, but a direction.)