I’m Jeffrey Wheatman, Cyber Risk Evangelist at Black Kite. October is Cybersecurity awareness month and we are going to talk about software updates.

The trigger for the blog was one of my kids* calling me late last week to tell me they received a pop-up telling them a software update was available for their laptop.

* Names have been changed to protect the guilty

I paused, thinking there was a second part to the conversation, but there wasn’t. I sighed, and had them spin up a facetime call so I could see what was what. This is what I saw —

Obviously, I am joking, nobody ever really used Windows ME. But, I did see that the laptop was 4 system updates behind. I sighed again and had them run the update. It had been so long since they updated the laptop that it took almost 4 hours to successfully get the machine up to date.

And my kids are pretty tech savvy. That being said, they are also busy and it is all too easy to click the button that says ‘update, update, go away … come again another day.’ Which is unfortunately what most people do.

Too often we treat software updates as a non-urgent suggestion, rather than a necessity

If you are reading this, you either know me or you are a technology person (of course you could be reading for entertainment value, in which case you should probably seek professional help).

If I gave you sodium thiopental and asked if you always update your system software and applications immediately, you would be lying if you gave me an uncategorical yes. Of course if you believe what movies show, you cannot tell a lie, but that is neither here nor there.

Why do the updates really matter?

Here is the thing. Missing patches are an attacker’s dream. Imagine being a car thief and finding out that 60% of car owners left the keys in the ignition. Here are some statistics to get you thinking.

  • According to this report from 2019, 60% of breaches were directly attributable to missing patches (unpatched vulnerabilities)
  • The number of vulnerabilities has grown year over year since 1999
  • The number of lines of source code has increased astronomically over time
  • 87.33333333% of people never patch (OK I totally made this one up)

Bottom line, if we patched, we would be safer.

Here are some tips.

  1. Turn on automatic software updates for every software application that offers it as an option.
  2. Stop clicking, “later please,” please.
  3. Don’t call me if you are being prompted for system updates (unless you are one of my kids.)

Very simple and it will go a long way to keeping you safer.

Stay safe, stay healthy, stay secure and stay patched.

Wheatman, Out!