Patching and Maintenance

Software vendors issue patches on a regular basis in response to security flaws and to repair operating system and application program malfunctions. Some updates enhance functionality and performance and others correct deficiencies and security flaws. If you allow software on your systems to become out of date, they become more vulnerable to attacks. Keeping up to date on patches is a security responsibility.

 

Microsoft operating systems have automatic patching available. If you have a home system, or handle your own desktop, automatic patching is recommended on a frequent basis (checking and downloading patches). Software applications (Firefox, Thunderbird, Adobe Acrobat, etc.) also need to be updated with patches.

 

Below are important web pages that provide up-to-date vulnerabilities on a variety of software systems.

If you administer your computer, create a plan for upgrades that will enable you to stay ahead of the threat. If you are using different types of operating systems, you may need to develop different types of patching strategies. Many compromised systems are the result of not keeping patches current.

 

* Evaluate the need for a patch. If the patch is for an application or service that is not running on the system, then there is no need to install it. However, operating systems install many features by default, so it is prudent to be aware of exactly what is running on each system.

* If possible, install a patch on a test system prior to installing it on a critical system. Patches have been known to crash systems or have unwanted side effects on the application software.

* Even though a patch has worked well on the test system, back up up critical systems prior to the installation of a patch. If the worst happens, the system will be recoverable.