by Larry Magid
This post first appeared in the Mercury News
If you’re using a computer with a very old operating system or even a recent version that’s in need of an update, you’re taking an unnecessary risk. The same goes for internet browsers and, for that matter, all your PC software and mobile apps.
Hackers are always on the lookout for flaws in operating systems and other software that they can exploit. Sometimes it takes them awhile, but once word is out that there’s a vulnerability, the bad guys not only figure out how to take advantage of it, they also share their knowledge with other criminals — sometimes for a small fee — which greatly increases the chance that someone will compromise your out of date system.
In most cases, it’s an easy fix. Windows and Mac computers along with iOS and Android phones can be configured to automatically update themselves when a new update (sometimes called a “patch”) is released. But the update doesn’t necessarily happen immediately, so it’s a good idea to periodically check by following the instructions from the links at connectsafely.org/updates. Microsoft frequently issues “patches” on Tuesday so I make it a habit of checking Tuesday afternoon or Wednesday morning. I periodically check other devices to see if they’re ready for an update.
And updates are not just a thing for computers and smartphones. Smart TVs and devices like Roku and Apple TV also need to be updated as do internet routers and other devices. Even my WiFi connected Air Fryer and air purifier get software updates because they too can be compromised or used as entry points to compromise other devices on my network.
And, yes, there have been rare cases where an update causes a problem. It happens far less often than updates fixing problems and, when it happens, it’s usually quickly fixed. I do recommend waiting at least a few days before downloading a completely new version of an operating system, but I have no hesitation recommending that you immediately apply any security updates.
Windows users update less often then Mac users
What promoted me to cover this topic this week was a notice from Microsoft that Windows 8.1 stopped receiving security updates on January 10th. That means that Microsoft will no longer even attempt to keep that version of the operating system secure. Windows 7 was officially retired in 2015, but some users were able to get an “extended security update,” which came to a final end this week.
While Microsoft has moved on to newer versions of Windows, many users haven’t. Nearly 9% of U.S. users and an even higher number globally, are using expired Windows 7, 8, 8.1 or Windows XP. Nearly 70% are using Windows 10, which still gets security updates even though Windows 11 has been widely available since October 2021. Unlike those much older versions, Windows 10 is stable and won’t be retired until October 2025, but Windows 11 does have some improvements including new security features. Not all PCs, even some bought in the last three or four years, can be upgraded to Windows 11. But regardless of whether you have Windows 10 or 11, you should still do regular security updates.
Apple issues new versions of both its Mac and iOS operating systems every year and patches as needed. Apple claims to have a much higher uptake rate for its new operating system versions than Microsoft. The same is also true for iOS vs. Android but — in the case of Android users — new versions must be released not just by Google but the device maker as well who typically lag behind Google when it comes to making new versions available. Still, any responsible device maker will release security updates as needed so — again – make sure you’re checking for updates.
It’s also important to update your software and apps. All the major app stores (Windows, Mac, iOS and Android) have features that will automatically update apps when new versions come out. In many cases, these versions simply offer features or bug fixes, but there are plenty of situations where an app developer is fixing a security flaw, so it’s important to update apps as well as browsers and operating systems.
There are also third-party tools that check for updates. Norton 360, for example, has a software scan that checks for out-of-date programs and updates them for you.
I don’t know any way to completely eliminate cybersecurity risks, but keeping your software and systems up-to-date, along with other good habits such as strong and unique passwords and not falling for scam emails or phone calls, goes a long way toward keeping you from being victimized. You’ll find more security advice at ConnectSafely.org/Security.