Software updates can be boring. They take time to install, move (or remove) the features you use, and sometimes even break things. Still, we recommend that you update (and upgrade) your software whenever possible. The Internet is a dangerous place.
Security Updates 101
The operating systems and applications you use every day almost certainly have security holes. Writing software is complicated and these flaws are seen regularly. When they are, they are corrected with security updates.
If you install updates regularly (many modern apps do this automatically), you will receive the security update and you will be safe from this path of attack. If you don’t install the updates, there is now a known attack that can be used against you. If you’re using an older, unsupported version of an app that doesn’t receive these latest updates, that’s also a problem – you need to upgrade to a modern, supported version of the app that receives them.
In other words, if you are running Word 2000 on Windows XP, you have problems. There are years and years of known security holes that could be used against you – even just downloading and opening a DOC file could be dangerous.
What’s the risk, really?
There are many types of security vulnerabilities, but it is very common for bugs to let seemingly legitimate files compromise software. For example, a specially crafted JPEG image or MP3 music file could exploit a known flaw in an application to run malware. A problem in a web browser could allow a malicious website to bypass your security and install malware. An operating system problem could leave a Earthworm compromise and take back your system.
With access to your computer, an attacker could install malware, run a ransomware attack that keeps your files hostage until you pay, place a keylogger on your system that sends your passwords and credit card numbers to a criminal, or captures your personal data and uses it for identity theft. A RAT might even hide in the background and take compromising photos of you on your webcam.
You can protect yourself by making sure your software is up to date. Make sure you are using apps that are always supported with security updates, and make sure that they are configured to automatically install these updates, if possible.
Not just web browsers and operating systems
Vulnerabilities in web browsers can allow malicious web pages to take over your PC or install malware. Likewise, security breaches in operating systems are quite dangerous and can let worms and other malware bypass your security.
But it’s not just about web browsers and operating systems. Other applications on your computer may also have security vulnerabilities. For example:
Microsoft Office has had many security vulnerabilities, and not just in Microsoft Outlook or macros. This old copy of Word 2000 might be perfect for your needs, but it has security holes that could be exploited: you just need to download and open a malicious DOC file or maybe even copy and paste a malicious image file in Mot. Office 2010 is supported with security updates through October 13, 2020. If you are using an older version than this, it is vulnerable.
File archiving and decompression tools as WinRAR, 7-Zip, and WinZip had security vulnerabilities. If you download and open a malicious archive, it could install malware on your PC. Security fixes in newer versions of the File Archiving Tools fixed this problem.
Photoshop and other image applications have had a variety of security vulnerabilities that could result in malware attacking your system if you open a malicious image file.
Media players like the popular open-source VLC Media Player, Apple iTunes, and Spotify had bugs that could let your PC take over when you open a malicious music or video file.
Check for updates in VLC under Windows 10. “width =” 650 “height =” 287 “onload =” pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon (this); “onerror =” this.onerror = null; pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon (this); “/>
These are just a few examples. If an application on your system communicates with the Internet or opens any type of file downloaded from the Internet (even an image, text, music, or video file), it is potentially vulnerable to some type of attack.
By installing updates when they are available and making sure that you are always using a supported version of the software that receives updates – for example, not an older version of Microsoft Office or Adobe Photoshop – you have made sure that your software is not vulnerable to all known security vulnerabilities.
You don’t always need the latest versions
Updates are needed, but immediate upgrades to new major versions are not always necessary. While using outdated software that no longer receives updates is a bad idea, many companies and developers support older versions of software with updates for a period of time before forcing you to upgrade. the next big version. For example:
Windows 8.1 is always an option: While Windows 7 and Windows XP are no longer supported, Microsoft still supports Windows 8.1 with security updates until January 10, 2023.
Microsoft Office gets years of updates: You don’t have to pay for Microsoft 365 or buy the latest version of Office on every release. If you have Office 2016, for example, it is still supported with security updates until October 14, 2024.
macOS gives you a few years: Apple does not have an official written support policy, but the company generally supports the three most recent versions of macOS with security updates. So even after releasing a new version of macOS, you probably have about two years to stick to your current version, if you want to.
Firefox ESR Offers slower browser updates: If you want a browser that changes less often, Mozilla offers an “Extended Support Release (ESR)” of Firefox. The standard version of Firefox receives major updates every four weeks, but the ESR version receives major updates every 42 weeks. However, Mozilla keeps the ESR version up to date with security updates.
The options above are supported with security updates, and that’s what matters.
But what about…?
Of course, there are ways around this problem. if you have an old PC that you have “empty” – in other words, it’s not connected to the internet – and you’re running old software on it, that’s probably fine.
Of course, if you download a malicious file and bring it to that computer where it attacked an older application, it could cause ransomware access to your files locked.
Ultimately, it’s important to be aware of the risks – and there are risks – of running obsolete software. You don’t always need to be running the latest versions of software, but you should be running software that is always compatible with updates.
If you are still dependent on an older app that no longer receives updates, we recommend that you find a more modern replacement. It probably means learning something new, but at least you’ll have secure, compatible software.
Of course, you don’t have to follow our advice. You can perform whatever you want. Just know the risk you are taking if you keep running unsupported software and be careful whether it is for your PC or maybe even run old software in a sandbox or virtual machine.