CAM 2023 Week 4 – Update Your Software!

Welcome to the last week of Cybersecurity Awareness Month for 2023. We are approaching the end of October, with November in sight next week. I hope you have enjoyed this year’s articles and I hope you have had a chance to complete the Virtual Scavenger Hunt. If not, get on it! You can go to the Start Page via this link. The hunt will conclude on Friday, October 27th, so now is the time to get started. If you are curious about what we discussed in the first three weeks of Cybersecurity Awareness Month, you can jump to Week 1 here, Week 2 here, and Week 3 here.

This week we will briefly discuss the necessity of updating your software. Whether that means restarting your browser periodically to allow it to update, or allowing your smart phone to automatically install updates, or restarting your desktop or laptop to let updates run, updating your software is important.

Nearly all modern browsers, but definitely Chrome, Firefox, and Edge, will notify you when they have an update available. You will see the notification in the upper right corner of the browser. Browser updates occur about once a week, sometimes less frequently, and if you have your browser set to reopen all open tabs when it restarts, you should not lose your place in your browsing, aside from social media sites that might update.

Browsers used to be very vulnerable to software flaws, but all have gotten better in recent years. The riskiest aspect of the browser now is what plugins you have installed. Plugins are notorious for having flaws in their code, and they don’t all update automatically. Be sure you are using credible plugins from reputable sites and services and install them from the browser plugin “store”. This will help you avoid plugins that have been modified with malware or other software issues.

We handle all kinds of sensitive data on our phones, from bank accounts to passwords, so allowing your phone to be hacked will have an immediate and serious impact on your life. Therefore, you should also make sure you are updating your smart phone on a regular basis. Apple phones will notify you about updates and attempt to install them when the phone is idle and plugged in. If you have an update that won’t seem to complete overnight, find time to stop and manually allow the update to run. Google puts out updates for the Android operating system, but wireless carriers tend to modify the Android operating system on their phones so heavily that getting updates is rare, unless you are using a Pixel phone. Just pay attention to notices on your phone about updates and make sure you run them when they are available.

Finally, be sure to restart your desktop or laptop computer regularly to allow updates to install. Updates for the Windows operating system come out the second Tuesday of each month, with occasional important updates in between. Other companies have adopted this second Tuesday patch day also, while others still continue to put out patches whenever they feel the need to. These updates almost always require a reboot of the computer to complete, so be sure to do that once or twice a month at a minimum.

You primary software that you use, like Microsoft Office, or Adobe Acrobat or other programs also put out updates. Some have made the update process easy, requiring just a restart of the program, like the browsers we have already mentioned, some require you to download a file and manually update, but most are in the middle, requiring you to click on a link or button to start the upgrade process. Regardless, you should update when the program prompts you to. Be careful with pop-up prompts to update software, particularly if you are browsing the web, as these are almost always linked to malware or adware that will cause you problems. Be sure the notice came from your program.

Software updates are important as they fix flaws that can lead to being hacked. The more up-to-date you are, the safer you are. So go update all those things now!

There will be one more article wrapping up Cybersecurity Awareness Month coming later this week. We’ll talk about simulated phishing campaigns, current phishing trends, and other things to look out for from Information Security.