Normally I wouldn’t even write about this subject because it almost seems like a redundancy to mention it, but recently came across some misconceptions that urged me to help set the record straight.
Software updates, what are they? what are they for? should they be installed? Generally speaking, the main computer software updates are its operating system updates. Since I don’t work with Macs, this means Windows updates. These updates can have 3 goals: improved stability, improved security, improved performance.
Specifically on security, the cycle goes like this: some not-so-well-intentioned fellow(s) looks for and finds a vulnerability in a current Windows operating system. That means a security hole which if successfully exploited, allows the bad guy to gain access to your computer data and maybe even gain control over it. Not good. Microsoft gets wind of the vulnerability, develops a “patch” to fix it, tests it, releases it through Windows update, it gets applied broadly, no more security hole. The cycle repeats over and over in an endless race over the zero-day exploit. The term derives from the age of the exploit. When Microsoft becomes aware of a security hole, there is a race to close it before more attackers discover it or the vulnerability becomes public. A “zero day” attack occurs on or before the first or “zeroth” day of vendor awareness, meaning Microsoft has not had any opportunity to disseminate a security fix to users of the software.
Stability and performance follow a less hectic path, but they are nonetheless also upgrades.
Other non-operating system software vendors also provide updates for their software with the same goals.
Now, some people seem to be against installing updates, partially due to bad past experiences, i.e. after installing an update, something went wrong and the computer had a new problem. Does it happen? yes. Have some updates been more damaging than beneficial? yes. Does that mean one should just not update? NO. In the overall grand scheme of things, updates will always be more beneficial than harmful.
Keep your computer up-to-date with the latest updates from Microsoft and any other applicable software vendors. It is an essential step to keeping your computer secure and healthy.
Contact me if you need help on the subject.
I just wrote a similar article on the same question.
http://www.blueridgenetworks.com/securitynowblog/endpoint_security/unpatched-pc-software-targets-malware-attacks
I considered swapping one of the sub-headers in the article for the title, calling it ‘the zen of malware and software patches’. In short, if all theoretically possible patches were magically implemented on your PC, it would be immune to all malware attacks except socially engineered ones where users are tricked into doing something foolish.
Oh, one more point, Microsoft has reported in its last two security intelligence reports that roughly 90% of malware attacks target vulnerabilities in applications rather than the operating system or its components. Yes, this does serve MS interests in OS but they are also the biggest App vendor too.
Cheers,
Eirik
Yours is an interesting article. Definitely zero-day exploits are AV solutions’ nightmare, and signatures will never be an appropriate defense mechanism for it. Behavioral or heuristic approaches is what they have left against such exploits.
I intend to study your white paper on your product and see what it can bring to aid in the security battle. Thanks for your input.