Have you recently updated your software? Maybe it’s not the safest
Not always having the latest version is having the best protection on your systems. You know why?
New viruses and malware appear every day that put the cybersecurity of companies at risk, and in some cases the impact of these viruses and malware is devastating, because the IT assets that are part of the Information Systems are not adequately protected with the latest updates, thereby allowing cybercriminals to take advantage of existing vulnerabilities.
To begin with, you need to determine the nature of the update, as not all updates are security-related and it may not be as urgent to get up to speed. On the other hand, and it is the QUIZ of the matter, the update can lead to the reappearance of existing vulnerabilities that had not been identified or the emergence of new ones.
We must know how to differentiate between extraordinary updates (urgent / critical) focused on security or periodic updates that also include product improvements:
Updates for urgency / criticality:
- New malware is detected and the manufacturer releases a patch urgently. Updating is the only way to be sure, even though it can (and does) happen that multiple versions of the same update are released.
Updates for urgency / criticality:
- Every certain period of time, the manufacturer releases a new version that corrects bugs of the previous one. Perhaps we remedy a known vulnerability vector, but others appear that may be more dangerous and pose a greater risk to our security.
The great ones forgotten in the update process are the firmware (operating system) of printers, routers, switches, etc., although they pose a high risk because they are the target and means of attack by hackers. These updates fix serious vulnerabilities and bring new hardware functionality. These need to be updated when indicated by the manufacturer, as they are always major cumulative updates that fix a wide variety of issues.
As best practices, we recommend:
· Do not update by inertia.
· Assess, prior to implementation, the condition that the implementation of the update may lead to in terms of security and stability.
· Wait a reasonable time before applying the update, except in the case of critical updates and those corresponding to items that include firmware.
Do we advise you on it?
cybersecurity #cyberdefense