Byte of Prevention Blog

by Dan Pinnington |

Avoiding Cybercrime Dangers: Address Security Vulnerabilities by Installing Operating System and Program Updates

cyber security[This post is the sixth in a series. The original post can be found here.]

There are millions of lines of computer code in the operating systems and programs that run on your computers, tablets and smartphones. These operating systems and programs will have hundreds or even thousands of settings and features. These settings and features are intended to allow you to do all the things you want to on these different devices.

Amongst all these settings and features, cyber criminals look for “exploits.” An exploit is a particular setting, feature or sequence of commands that will cause an unintended or unanticipated behavior to occur on a computer or other device. Exploits create security vulnerabilities because cyber criminals can use them to open a backdoor to your network, allow malware to run, or do other damaging things. New exploits are discovered on a weekly or even daily basis.

Updates

When an exploit is discovered, software companies quickly rewrite their code and release updates or patches to stop the exploit from working. To protect against newly discovered exploits, devices must be updated with the latest versions of operating systems and programs.

To keep your computers and other devices safe, you should be checking for and installing updates regularly, ideally on a weekly basis. This is particularly the case for Microsoft products, which are prone to security vulnerabilities. While not as prone to vulnerabilities as Microsoft products, Apple products should be updated regularly as well. Don’t forget to update the other non-Microsoft or non-Apple software running on your devices. Sometimes direct links to an updates webpage can be found on the Help menu. Otherwise, you should be able to find the software product’s site with a search on Google.

If you are using Windows XP or Office 2003, note that Microsoft will no longer be supporting these products as of April 8, 2014. Using these products after this date will expose you to greater security dangers. See the “Stop using Windows XP and Office 2003 on or before April 8, 2014” insert below if this applies to you or your firm.

Automatic updates

Enabling automatic updates can help keep your computers and other devices up-to-date. Both Windows and Apple operating systems have an “automatic update” feature that automatically notifies you when updates are available for your devices. Once activated, the device will periodically check for updates. Available updates will be downloaded, and depending how you configure things, installed with or without your knowledge. Some people prefer to set the automatic updates feature to ask for permission to install updates to avoid problems that might arise due to an update installation. Others prefer to have updates installed without intervention from the computer user (this can help make sure updates get installed).

The Ninite.com site can help Windows computer users check for and install updates (for free). Note, in some firms individual users will have no control over updates as the installation of updates will be centrally controlled and managed. The paid version of Ninite can be used for this purpose for Windows computers.

Back up before you install updates

It is very important to remember that installing updates can unintentionally interfere with the way your computer/device or individual programs/apps operate. It is possible that a program/app may not operate properly or at all, that data could be lost, or that a device will fail to restart after an update is installed. Creating a restore point (a temporary backup of your configuration and data) and/or making a proper backup of all the programs and data on a device before you install updates can help you recover if there are unanticipated problems.

Dan Pinnington is the Vice President of Claims Prevention at practicePRO. This article first appeared in the December 2013 issue of LawPro magazine. Reprinted with permission. For more cyber safety tips, visit www.lawpro.ca.


Stop using Windows XP and Office 2003 on or before April 8, 2014

Microsoft will no longer be supporting Windows XP SP3 (Service Pack 3) and Office 2003 (SP3) as of April 8, 2014. After this date, there will be no new security updates, non-security hotfixes, support or online technical content updates from Microsoft for these products. Your computer will still operate, but if you continue to use Windows XP or Office 2003, you will become more vulnerable to security risks and malware infections. Undoubtedly, cyber criminals will target computers that are still using these programs. For this reason, you should immediately start planning to migrate to more current versions of Windows and Office on all law firm and home computers running Windows XP or Office 2003. Note that most current versions of these products are Windows XP SP3 and Office 2003 SP3. If you are using SP2 or earlier versions of these products, you already have greater security vulnerabilities; as a short-term fix, you should update to SP3 if you don’t already have plans to move off Windows XP or Office 2003.


About the Author

Dan Pinnington

Dan Pinnington is the Vice President of Claims Prevention at practicePRO. This article first appeared in the December 2013 issue of LawPro magazine. Reprinted with permission. For more cyber safety tips, visit www.lawpro.ca.

Read More by Dan >

Related Posts