A reader recently asked if just running Operating Systems (OC) updates and anti-virus updates was enough to keep their home devices safe. While that’s a good start, it may not be enough to really stay safe out there, so let’s dive a little deeper into this topic:
OS updating is critical to making sure your home/personal devices stay safe. This also applies to work devices, but your organization may have tools that make that happen automatically, so check with your IT team to find out if you also need to do this on those laptops/desktops/etc. Anti-virus/anti-malware tools also need regular updating, but nearly all of them do that by themselves. The few that require you to manually update them are generally the free AV tools, but they’re also pretty simple to keep up-to-date. Open the app, go to the settings page, and check for updates. By making sure to keep these two things (the OS and your anti-malware tool) updated, you help to ensure that the majority of threat activity which isn’t coming in via social engineering techniques like phishing will get blocked. Don’t forget to do this for your phones, tablets, smart TVs, and other devices around your home. If it has an OS and connects to the Internet, you’ve got to make sure the device is checking for updates, or that you’re doing it yourself.
Generally, you should be updating once per week. That’s a good trade-off between time spent doing updates and security for your devices. Set aside 30 minutes once per week to run through the process, and you’ll keep everything running smoothly. At the absolute least, you should be updating once per month, but a weekly cadence is a better choice as different vendors release updates on different schedules.
That being said, your OS is not the only software running on your home systems. Windows, MacOS, and Linux devices – along with phones, TVs, and other smart devices – all run applications, and those applications can also get out of date. As these apps age, security researchers and threat actors alike find vulnerabilities in the software that can be used to make the app misbehave, gain access to things outside of the app itself, or cause damage to your data and/or steal it. Because of this, you’ll need to make sure you’re updating those apps regularly, but it doesn’t have to be a big time-sink. If an app is no longer supported by its vendor, then it is definitely time to start seeking out an alternative that is actively being updated. Legacy applications (apps that are no longer in active development) are a massive problem in the cybersecurity world, and while updating to a new app or a new version of the old app isn’t easy, it is absolutely necessary. Get that process started as soon as possible to give yourself time to make the change before a security vulnerability is discovered in that legacy application that forces you to migrate with no warning.
Let’s look at how to do these kinds of updates on the major operating systems and for lots of applications:
To update your OS…
On Windows 7 and higher:
Go to Settings from the Start menu, then look for Windows Update. Check for Updates, then install anything it finds. You may need to reboot, and if so be sure to check Windows Update again after your reboot to make sure there aren’t any further updates to apply.
On MacOS 12 and higher:
Go to the Apple Menu in the upper-left of the screen and choose System Settings. Then go to General, then Software Update. Let the system check for updates, and if it finds any go ahead and install them. In nearly every case this will require a reboot, but it needs to happen so give your Mac the time it needs.
On Linux:
Open a Terminal window and use your preferred package manager (like APT or yum) to look for updates. If any are found, install them. The good news is that, while you do this via the terminal, package managers also update any other software that was installed via the package manager in question, so you update nearly everything all at once. Reboots are rarely required, but if one is needed then you should let it go ahead and restart.
For applications, things are a bit different for Windows versus MacOS and Linux. Let’s step through the three major OS types and how you can keep up to date.
Windows: The elephant in the room. By default, you can get Microsoft application updates for apps like Office via Windows update (you may have to tell Windows Update to do that in its own settings page), but any other apps are not included in that check. This means you have to either use an app updater or go app-by-app to check for updates manually. You can typically find the update check in the Settings or Help sections of the application. There are some app managers like PatchMyPC ( https://patchmypc.com/home-updater ) that can help with many apps, and they’re worth checking out. Keep in mind that you should not use a patch manager unless you have reviews from trusted sources that they’re legitimate and safe. It’s unfortunate, but there are several “app manager” tools for Windows that are actually malware/spyware themselves. Microsoft themselves has tried to help here, with the Microsoft Store app allowing you to keep any apps you buy through that tool updated, but only a small portion of the available Windows apps are currently in the Store just yet.
MacOS: Apps from the App Store can be updated by just going to the Store, then clicking Updates on the left-hand menu. For other apps, you’ll need to either check the apps manually (usually it’s in the applications main menu or the Help menu) or use an app manager for any apps you have that didn’t come from the App Store. MacUpdater (note the spelling, with an “r” at the end) is a great app manager for MacOS, and is reasonably priced ( https://www.corecode.io/macupdater/ ). It tracks tons of apps, and let’s you update with a simple click when it finds one that’s outdated. I’m not being compensated by them, I just use the tool myself and know it works really well. The Standard version will get the job done for most, but there are lots of options to choose from. Between the App Store covering a huge number of apps, and tools like MacUpdater taking care of the rest, you will be covered.
Linux: As mentioned in the OS section, package managers for Linux also update any applications installed from packages – which is the vast majority of apps you’d run on Linux. There are exceptions here and there, and you’ll need to manually check those periodically to stay up to date.
Don’t forget to also have your phone, smartTV, smart home devices, and other things connected to the Internet also check for updates. This includes both OS and app updates! For example, you can ask Alexa to “Check for software updates,” and it will look for any new software it needs. iPhones and iPads can be updated by going to Settings: General: Software Update for the OS, and the Updates page of the App Store for apps. Android is a bit different, but Google has instructions for OS updates here: https://support.google.com/android/answer/7680439?hl=en and the Play store can help keep your apps up to date.
Keeping both your Operating Systems and applications updated is critical to staying safe. Even with a great anti-malware system, outdated applications can let threat actors perform attacks that can succeed. Taking half an hour once per week to keep things up to date is an easy – and effective – way to make sure you’re not giving an attacker any low-hanging fruit to take advantage of.