The value of software updates – avoid being hacked.
May
19
Written by:
2009/05/19 07:08 PM
How many of you today have software on your machine or server that is not up to date? Whether that be your browser, Operating System, Web Software, Server Software, Anti-Virus, or whatever. Most people think that if the update to any particular software does not offer any new functionality, or increased speed, or fix a horrible bug, then its not worth updating. When in reality most updates are centred around security and bugs, and are probably important. You think that because you have not had any security issues in the past, there is no reason to believe that you are not protected. You’re Wrong.
Even though it might seem a pain and a waste of time and bandwidth, it definitely pays to keep up to date with software updates. Don't learn the hard way. There are many scoundrels and criminals waiting to take advantage of your ignorance and lack of security.
It fascinates me that there are people that spend time trying to find security holes in software to exploit. Most of the time there is not criminal intent, but rather malicious in nature. It is a challenge, something to defeat and overcome or break, or should I say the word, HACK.
That's right, there are people out there itching to hack your computer, websites, server. Don’t think it can’t happen to you. It happened to me, and I am in the IT business. I should know better.
Well I did and I didn’t. I had all the firewalls installed and running. Anti-virus, anti-spam, anti-spyware. My OS updates were up to date. Applications were up to date. What I forgot was my website and ISP. I naturally assumed that they would be up to date. I found out that as far as I am concerned that they were not, and the responsibility was put onto me.
You see, I have a Content Management System. Which I assumed will be updated when needed, automatically. It was not. Subsequently, my CMS software was not updated, as a result, a security flaw was exploited.
The result seemed only to be malicious. The security flaw enables an anonymous user to upload a non-executable or potentially dangerous file. Like a text file or a picture file; jpeg, gif, png. Subsequently my website logo was overwritten with some other logo. A not so nice picture. This was more malicious than anything else. Needless to say, it sent me into a panic.
I later found out, that the reason why this happened, was because I was not up to date with my CMS software. This hole had been found a year ago and patched. If I had updated my web CMS software, I would have avoided a very embarrassing moment.
Here is a quick list as to what type of software updates you must keep up to date on:
- Operating software
- Firewall
- Anti-Virus
- Anti-Spam
- Anti-Spyware
- Office / Email
- Server software
- Web server
- Database server
- Public applications
- Websites
- Content Management Systems
- CRM
My advice is to keep up to date as much as possible. As well as keep yourself informed and up to date within the industry. Know what’s going on.
Do you have any other important software updates that one needs to consider. Leave us a note via the comments. Have you been hacked before? How did that make you feel?
blog comments powered by