Cyber Security

Keeping updated

Whether to keep on top of operating system and application updates is another topic open to debate. And for good reason. Those who argue against this will point out that very often the update might include an undesirable side-effect, and can result in unwanted downtime. This is undeniably true. But those arguing for it will point out that by not updating you leave yourself open to exploitation, and cite examples such as the Hafnium Exchange server attack, or the Log4j Apache attack which is causing no end of disruption even as I write this blog.

So what's the answer, as the debate seems pretty balanced? AMITCs view on this is that whether you regularly install updates or not, you inevitably end up with unwanted downtime due to both updates and security breaches. But there are very few examples where an installed update results in a security breach of some kind, whereas an unpatched vulnerability definitely could. And at least you can manage the actual time of day when you apply updates, perhaps performing them out of work hours to save user downtime in the event that there are unwanted side-effects, and to delay them by a few days so that any side-effects become known beforehand. So we recommend that you keep on top of security updates, applying them within a week of release, and install other non-critical updates on a regular, managed basis. And to simplify the whole process on a Windows network, make use of Microsoft's WSUS application. This helps your identify where updates are causing errors, and where updates are not being installed in a timely manner.

Posted 14/12/2021