Have you ever wondered why the programs you use sometimes get updates that are presented as critical but don’t seem to change anything? The process of creating software can be complex, often involving multiple people trying to get different systems with different architectures to work together.
Why updates are necessary
Sometimes, this process can lead to vulnerabilities in the software that the developers don’t realize are there — vulnerabilities that a bad actor might discover and take advantage of to get your data. When developers become aware of such a vulnerability, they can create a patch that fixes it, which is then made available for people who use that software in the form of an update.
Keeping software up to date is a crucial part of keeping your devices and information secure. By installing software updates, you protect your computer from exploits that might be widely disseminated in malicious circles. Of course, hackers and scammers are aware of the power of updates and might try to trick you by disguising their malicious software as a helpful update.
Things to keep in mind when updating
- When downloading or installing a software update, make sure you’re getting it from the website or service of the company that created the software. File-sharing services such as Dropbox, OneDrive and Google Drive have no verification process for their file contents, so even if a sender claims to be passing on an official update, you’d never know until you tried to install it — and then it would be too late.
- Don’t delay installing updates when they’re available, no matter how many programs you have open. Not all updates require that you restart your computer, but even for the ones that do, saving your work and reopening your programs is a lot easier than leaving a vulnerability open, then trying to get money back from a hacker or needing a new computer because you can’t get a virus off your current one.
- Software from legitimate companies usually provides an option to update that software automatically when an update is available. Once this feature is enabled, the software will give you a notice when it’s time for an update or may even install it unobtrusively behind the scenes. Consider enabling automatic updates whenever available and set a reminder to periodically check for updates (quarterly, as a rule of thumb) for software that doesn’t update automatically.
- Scrutinize any urgent prompt to install an update, especially if it asks you to fill out a form or download something from a website that requires a login. If it were urgent, there wouldn’t be any barriers. In particular, be skeptical of any prompt or alert to run updates that is delivered through a web browser via a pop-up window or tab — these are almost always fake and should not be followed.
At Metropolitan State University of Denver, the Information Technology Services team is always keeping track of software and security updates for the various programs used by the University, ensuring that students, faculty members and staff members have a secure and stable technology environment from which to pursue their goals.
Updates for Universitywide software, such as computer operating systems or program suites, such as Office 365 or the Adobe Creative Suite, undergo thorough testing before being released through the University’s official software and asset-management services, Software Center (for Windows) and Self Service (for macOS). Updates for individually or publicly licensed software can also be installed once they’ve been vetted and approved for use.
For more information on software updates in the MSU Denver technology environment, including instructions for how to install or update software on MSU Denver computers through the University’s asset-management services, please see What Is Self Service/Software Center on MSU Denver computers? on the ITS Knowledgebase.
Cybersecurity Awareness Month
This is part of a series of articles for Cybersecurity Awareness Month. MSU Denver is proud to support this far-reaching online-safety awareness-and-education initiative, which is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. For more information about Cybersecurity Awareness Month and visit here to participate in a wide variety of activities. You can also follow and use the official hashtag #BeCyberSmart on social media throughout the month.