Network Security guide for the home or small business network – Part 5 – Update your software



Okay – so after the last article you’ve inventoried what software you use on a PC and you know what services (server’s) the pc runs that you’ve told it to. You even know what passes as “normal” startup programs. Now it’s time to put that to use. It’s time to keep up with updates for the operating system, any of the programs you use form time to time, and any programs that listen as a service (actively listen for incoming network connections.)


Wow, that’s a lot though! Yes it is. This is probably the toughest part of internet security in many ways. Keeping up with updating everything can be overwhelming. This doesn’t mean you have to go out and buy new versions everytime a software maker releases the next better version. We’re talking about security fixes. With Windows *(operating system) these are usually called critical updates. http://windowsupdate.microsoft.com is a good place to visit to check for these. This is the official Windows Update site from Microsoft. Automatic updates can download and install those updates for you, but I like to go to the update site myself and check first hand to make sure a system is up to date.

Remember, Microsoft doesn’t make a practice of emailing customers about security updates. Don’t be too quick to trust links you find in emails claiming to notify you of updates. Type the address into your web browser bar. http://officeupdate.microsoft.com is the Microsoft site for official Microsoft Office updates. Some of these go beyond security updates to bug fixes and in some cases feature improvements. (As do some of the Windows updates).

In the case of other software, you will need to visit those publishers sites individually, or use an update capability within their program. Recently there have been security updates for realplayer, acrobat reader, macromedia flash player among others. Internet Explorer updates are dealt with through Windows update, but these third party updates are just as important.

Some linux systems make getting updates for all installed software very easy. (apt-get update from the command line, or urpmi.update -a && urpmi –auto –auto-select ). Now the downside of updates. Sometimes software updates fix one feature but break another. The risks of the breakage vs. the fix have to be weighed carefully. If the breakage is considered to severe to install a security update, that program needs to be treated with much more suspicion because it is more vulnerable.

This really is the one part of network security that seems like an endless fight. Remember the saying though, security is a process not a product (nor is it a destination, but a direction.)

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft Update day for September.... AND Flash... AND Apple Yesterday, of course, Microsoft released it's monthly patches. I found the Windows update site to be painfully slow (and in some cases unresponsive.) It wasn't quite a huge update day by recent standards, but here's the summary.... Incidents.org has a nice chart showing the two re-released patches (one is actually......
  • Network Security guide for the home or small business network - Part 2 - A Software Firewall Do I really need a hardware firewall? I'm running XP Service Pack 2 with the built in firewall? (or norton, or zonealarm?) Well, personal firewalls (the name that software firewalls go by) are good for a great many things that hardware firewalls AREN'T. They do have their limitations though and......
  • Windows RDP Denial of service vulnerability I just saw this article at zdnet news a few minutes ago. Basically a new security bulletin is out with regards to Windows Remote Desktop Server being vulnerable to a denial of service (DoS) attack. Essentially it affects Windows 2000, XP and Server 2003. It appears that under an overwhelming......
Blog Traffic Exchange Related Websites
  • Microsoft Security Bulletin Summary for September 2010 - Issued: September 14, 2010 ******************************************************************** Microsoft Security Bulletin Summary for September 2010 Issued: September 14, 2010 ******************************************************************** This bulletin summary lists security bulletins released for September 2010. The full version of the Microsoft Security Bulletin Summary for September 2010 can be found at http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx. With the release of the bulletins for September 2010, this......
  • Review of COPEAC Affiliate Network COPEAC Affiliate network is a new kind of affiliate network (their web site says this Quote) and its yet another option for making money from affiliate marketing. And their web site claims that they have 40K quality publishers. COPEAC is a Cost-Per-Action (CPA) based affiliate network, they supply top converting......
  • Ping.fm for webOS: Update all your Social Networks from your Palm Phone Fed up of having to update each of your social networks one-by-one? Too many passwords to remember? Ping.fm is a cool application which can update all your social networks in one go. All you need to do is configure your social networks with ping.fm and it takes care of syncing......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site